Lucene search
MitreCVE-2010-0611HistoryFeb 11, 2010 - 5:30 p.m.
CVE-2010-0611
2010-02-1117:30:01
CWE-89
mitre
web.nvd.nist.gov
28
cve-2010-0611
sql injection
adminlogin.php
baal systems 3.8
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.001
Percentile
27.8%
Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Affected configurations
Node
baalsystemsbaal_systemsRange≤3.8
ORbaalsystemsbaal_systemsMatch3.6
ORbaalsystemsbaal_systemsMatch3.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| baalsystems | baal_systems | * | cpe:2.3:a:baalsystems:baal_systems:*:*:*:*:*:*:*:* |
| baalsystems | baal_systems | 3.6 | cpe:2.3:a:baalsystems:baal_systems:3.6:*:*:*:*:*:*:* |
| baalsystems | baal_systems | 3.7 | cpe:2.3:a:baalsystems:baal_systems:3.7:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2010-0611
2010-02-11 17:00:00
exploitdb
exploitdb
Baal Systems 3.8 - Authentication Bypass
2010-02-07 00:00:00
prion
prion
Sql injection
2010-02-11 17:30:00
nvd
nvd
CVE-2010-0611
2010-02-11 17:30:01
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.001
Percentile
27.8%
Related for CVE-2010-0611