CVE-2010-3212

2010-09-0317:12:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.7%

JSON

SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO.

References

osvdb.org/67689

packetstormsecurity.org/1008-exploits/seagull-sql.txt

secunia.com/advisories/41169

www.exploit-db.com/exploits/14838

exchange.xforce.ibmcloud.com/vulnerabilities/61469