Lucene search
HistoryNov 03, 2010 - 8:00 p.m.
CVE-2010-4006
cve-2010-4006
sql injection
wsn links 5.x
wsn links 6.x
remote attackers
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.7%
Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.
Affected configurations
Node
wsnlinksMatch5.1.2
ORwsnlinksMatch5.1.3
ORwsnlinksMatch5.1.17
ORwsnlinksMatch5.1.18
ORwsnlinksMatch5.1.19
ORwsnlinksMatch5.1.20
ORwsnlinksMatch5.1.21
ORwsnlinksMatch5.1.22
ORwsnlinksMatch5.1.23
ORwsnlinksMatch5.1.24
ORwsnlinksMatch5.1.25
ORwsnlinksMatch5.1.26
ORwsnlinksMatch5.1.27
ORwsnlinksMatch5.1.28
ORwsnlinksMatch5.1.29
ORwsnlinksMatch5.1.30
ORwsnlinksMatch5.1.31
ORwsnlinksMatch5.1.32
ORwsnlinksMatch5.1.33
ORwsnlinksMatch5.1.34
ORwsnwsn_linksMatch5.1.0
ORwsnwsn_linksMatch5.1.1
ORwsnwsn_linksMatch5.1.4
ORwsnwsn_linksMatch5.1.5
ORwsnwsn_linksMatch5.1.6
ORwsnwsn_linksMatch5.1.7
ORwsnwsn_linksMatch5.1.8
ORwsnwsn_linksMatch5.1.9
ORwsnwsn_linksMatch5.1.10
ORwsnwsn_linksMatch5.1.11
ORwsnwsn_linksMatch5.1.12
ORwsnwsn_linksMatch5.1.13
ORwsnwsn_linksMatch5.1.14
ORwsnwsn_linksMatch5.1.15
ORwsnwsn_linksMatch5.1.16
ORwsnwsn_linksMatch5.1.35
ORwsnwsn_linksMatch5.1.36
ORwsnwsn_linksMatch5.1.37
ORwsnwsn_linksMatch5.1.38
ORwsnwsn_linksMatch5.1.39
ORwsnwsn_linksMatch5.1.40
ORwsnwsn_linksMatch5.1.41
ORwsnwsn_linksMatch5.1.42
ORwsnwsn_linksMatch5.1.43
ORwsnwsn_linksMatch5.1.44
ORwsnwsn_linksMatch5.1.45
ORwsnwsn_linksMatch5.1.46
ORwsnwsn_linksMatch5.1.47
ORwsnwsn_linksMatch5.1.48
ORwsnwsn_linksMatch5.1.49
ORwsnwsn_linksMatch6.0.0
ORwsnlinkswsn_linksMatch5.0.0
ORwsnlinkswsn_linksMatch5.0.1
ORwsnlinkswsn_linksMatch5.0.2
ORwsnlinkswsn_linksMatch5.0.3
ORwsnlinkswsn_linksMatch5.0.4
ORwsnlinkswsn_linksMatch5.0.5
ORwsnlinkswsn_linksMatch5.0.6
ORwsnlinkswsn_linksMatch5.0.7
ORwsnlinkswsn_linksMatch5.0.8
ORwsnlinkswsn_linksMatch5.0.9
ORwsnlinkswsn_linksMatch5.0.10
ORwsnlinkswsn_linksMatch5.0.11
ORwsnlinkswsn_linksMatch5.0.12
ORwsnlinkswsn_linksMatch5.0.13
ORwsnlinkswsn_linksMatch5.0.14
ORwsnlinkswsn_linksMatch5.0.15
ORwsnlinkswsn_linksMatch5.0.16
ORwsnlinkswsn_linksMatch5.0.17
ORwsnlinkswsn_linksMatch5.0.18
ORwsnlinkswsn_linksMatch5.0.19
ORwsnlinkswsn_linksMatch5.0.20
ORwsnlinkswsn_linksMatch5.0.21
ORwsnlinkswsn_linksMatch5.0.22
ORwsnlinkswsn_linksMatch5.0.23
ORwsnlinkswsn_linksMatch5.0.24
ORwsnlinkswsn_linksMatch5.0.25
ORwsnlinkswsn_linksMatch5.0.26
ORwsnlinkswsn_linksMatch5.0.27
ORwsnlinkswsn_linksMatch5.0.28
ORwsnlinkswsn_linksMatch5.0.29
ORwsnlinkswsn_linksMatch5.0.30
ORwsnlinkswsn_linksMatch5.0.31
ORwsnlinkswsn_linksMatch5.0.32
ORwsnlinkswsn_linksMatch5.0.33
ORwsnlinkswsn_linksMatch5.0.34
ORwsnlinkswsn_linksMatch5.0.35
ORwsnlinkswsn_linksMatch5.0.36
ORwsnlinkswsn_linksMatch5.0.37
ORwsnlinkswsn_linksMatch5.0.38
ORwsnlinkswsn_linksMatch5.0.39
ORwsnlinkswsn_linksMatch5.0.40
ORwsnlinkswsn_linksMatch5.0.41
ORwsnlinkswsn_linksMatch5.0.42
ORwsnlinkswsn_linksMatch5.0.43
ORwsnlinkswsn_linksMatch5.0.44
ORwsnlinkswsn_linksMatch5.0.45
ORwsnlinkswsn_linksMatch5.0.46
ORwsnlinkswsn_linksMatch5.0.47
ORwsnlinkswsn_linksMatch5.0.48
ORwsnlinkswsn_linksMatch5.0.49
ORwsnlinkswsn_linksMatch5.0.50
ORwsnlinkswsn_linksMatch5.0.51
ORwsnlinkswsn_linksMatch5.0.52
ORwsnlinkswsn_linksMatch5.0.53
ORwsnlinkswsn_linksMatch5.0.54
ORwsnlinkswsn_linksMatch5.0.55
ORwsnlinkswsn_linksMatch5.0.56
ORwsnlinkswsn_linksMatch5.0.57
ORwsnlinkswsn_linksMatch5.0.58
ORwsnlinkswsn_linksMatch5.0.59
ORwsnlinkswsn_linksMatch5.0.60
ORwsnlinkswsn_linksMatch5.0.61
ORwsnlinkswsn_linksMatch5.0.62
ORwsnlinkswsn_linksMatch5.0.63
ORwsnlinkswsn_linksMatch5.0.64
ORwsnlinkswsn_linksMatch5.0.65
ORwsnlinkswsn_linksMatch5.0.66
ORwsnlinkswsn_linksMatch5.0.67
ORwsnlinkswsn_linksMatch5.0.68
ORwsnlinkswsn_linksMatch5.0.69
ORwsnlinkswsn_linksMatch5.0.70
ORwsnlinkswsn_linksMatch5.0.71
ORwsnlinkswsn_linksMatch5.0.72
ORwsnlinkswsn_linksMatch5.0.73
ORwsnlinkswsn_linksMatch5.0.74
ORwsnlinkswsn_linksMatch5.0.75
ORwsnlinkswsn_linksMatch5.0.76
ORwsnlinkswsn_linksMatch5.0.77
ORwsnlinkswsn_linksMatch5.0.78
ORwsnlinkswsn_linksMatch5.0.79
ORwsnlinkswsn_linksMatch5.0.80
References
archives.neohapsis.com/archives/fulldisclosure/2010-10/0512.html
www.exploit-db.com/exploits/15607
www.securityfocus.com/archive/1/514585/100/0/threaded
www.securityfocus.com/bid/44593
www.uncompiled.com/2010/10/wsn-links-sql-injection-vulnerability-cve-2010-4006/
exchange.xforce.ibmcloud.com/vulnerabilities/62939
Related
exploitpack
exploitpack
WSN Links - SQL Injection
2010-11-24 00:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2010-4006
2010-11-03 20:00:01
packetstorm
packetstorm
WSN Links SQL Injection
2010-11-02 00:00:00
myhack58
myhack58
prion
prion
Sql injection
2010-11-03 20:00:00
cvelist
cvelist
CVE-2010-4006
2010-11-03 19:00:00
seebug
seebug
WSN Links SQL Injection Vulnerability
2014-07-01 00:00:00
exploitdb
exploitdb
WSN Links - SQL Injection
2010-11-24 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.7%
Related for CVE-2010-4006