CVE-2010-2135

2010-06-0218:14:00

mitre

www.cve.org

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.0%

JSON

Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields.

References

packetstormsecurity.org/1002-exploits/hazelpresslite-sql.txt

www.exploit-db.com/exploits/11602

exchange.xforce.ibmcloud.com/vulnerabilities/56587