CVE-2010-4921

2011-10-0810:00:00

mitre

www.cve.org

AI Score

8.3

Confidence

Low

EPSS

0.002

Percentile

57.5%

JSON

SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady Polling Booth Manager allows remote attackers to execute arbitrary SQL commands via the QuestionID parameter in a results action.

References

packetstormsecurity.org/1009-exploits/dmxreadypbm-sql.txt

secunia.com/advisories/41306

securityreason.com/securityalert/8452

www.exploit-db.com/exploits/14908

www.securityfocus.com/bid/42990

www.vupen.com/english/advisories/2010/2309

exchange.xforce.ibmcloud.com/vulnerabilities/61608