CVE-2010-1046

2010-03-2218:17:00

mitre

www.cve.org

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

33.3%

JSON

Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.

References

osvdb.org/62162

secunia.com/advisories/38440

www.exploit-db.com/exploits/11356

www.vupen.com/english/advisories/2010/0318