Lucene search
HistoryMar 23, 2010 - 1:00 a.m.
CVE-2010-1046
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.001
Percentile
33.1%
Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.
Affected configurations
Node
ryan_marshallrostermainRange≤1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ryan_marshall | rostermain | * | cpe:2.3:a:ryan_marshall:rostermain:*:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2010-03-23 01:00:00
exploitdb
exploitdb
Rostermain 1.1 - Authentication Bypass
2010-02-07 00:00:00
cvelist
cvelist
CVE-2010-1046
2010-03-22 18:17:00
cve
cve
CVE-2010-1046
2010-03-23 01:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.001
Percentile
33.1%
Related for NVD:CVE-2010-1046