Lucene search
MitreCVE-2010-1364HistoryApr 13, 2010 - 8:30 p.m.
CVE-2010-1364
2010-04-1320:30:00
CWE-89
mitre
web.nvd.nist.gov
28
cve-2010-1364
sql injection
uiga personal portal
index.php
remote attackers
arbitrary commands
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
33.1%
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
uigapersonal_portal
| Vendor | Product | Version | CPE |
|---|---|---|---|
| uiga | personal_portal | * | cpe:2.3:a:uiga:personal_portal:*:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2010-04-13 20:30:00
nvd
nvd
CVE-2010-1364
2010-04-13 20:30:00
exploitdb
exploitdb
Uiga Personal Portal - 'index.php' 'view' SQL Injection
2010-04-26 00:00:00
Uiga Personal Portal - 'index.php' SQL Injection
2010-02-28 00:00:00
cvelist
cvelist
CVE-2010-1364
2010-04-13 20:20:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
33.1%
Related for CVE-2010-1364