Sql injection

2010-07-1318:30:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.8%

JSON

SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.

CPENameOperatorVersion
lyrics_engineeq3.0

CPE	Name	Operator	Version
	lyrics_engine	eq	3.0

References

osvdb.org/66033

packetstormsecurity.org/1007-exploits/lyrics-sql.txt

secunia.com/advisories/40438

www.securityfocus.com/bid/41394

www.vupen.com/english/advisories/2010/1741

exchange.xforce.ibmcloud.com/vulnerabilities/60118

www.exploit-db.com/exploits/14244