Lucene search

[email protected]NVD:CVE-2010-4006

HistoryNov 03, 2010 - 8:00 p.m.

CVE-2010-4006

2010-11-0320:00:01

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.001

Percentile

42.6%

JSON

Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.

Affected configurations

Nvd

Node

wsnlinksMatch5.1.2

wsnlinksMatch5.1.3

wsnlinksMatch5.1.17

wsnlinksMatch5.1.18

wsnlinksMatch5.1.19

wsnlinksMatch5.1.20

wsnlinksMatch5.1.21

wsnlinksMatch5.1.22

wsnlinksMatch5.1.23

wsnlinksMatch5.1.24

wsnlinksMatch5.1.25

wsnlinksMatch5.1.26

wsnlinksMatch5.1.27

wsnlinksMatch5.1.28

wsnlinksMatch5.1.29

wsnlinksMatch5.1.30

wsnlinksMatch5.1.31

wsnlinksMatch5.1.32

wsnlinksMatch5.1.33

wsnlinksMatch5.1.34

wsnwsn_linksMatch5.1.0

wsnwsn_linksMatch5.1.1

wsnwsn_linksMatch5.1.4

wsnwsn_linksMatch5.1.5

wsnwsn_linksMatch5.1.6

wsnwsn_linksMatch5.1.7

wsnwsn_linksMatch5.1.8

wsnwsn_linksMatch5.1.9

wsnwsn_linksMatch5.1.10

wsnwsn_linksMatch5.1.11

wsnwsn_linksMatch5.1.12

wsnwsn_linksMatch5.1.13

wsnwsn_linksMatch5.1.14

wsnwsn_linksMatch5.1.15

wsnwsn_linksMatch5.1.16

wsnwsn_linksMatch5.1.35

wsnwsn_linksMatch5.1.36

wsnwsn_linksMatch5.1.37

wsnwsn_linksMatch5.1.38

wsnwsn_linksMatch5.1.39

wsnwsn_linksMatch5.1.40

wsnwsn_linksMatch5.1.41

wsnwsn_linksMatch5.1.42

wsnwsn_linksMatch5.1.43

wsnwsn_linksMatch5.1.44

wsnwsn_linksMatch5.1.45

wsnwsn_linksMatch5.1.46

wsnwsn_linksMatch5.1.47

wsnwsn_linksMatch5.1.48

wsnwsn_linksMatch5.1.49

wsnwsn_linksMatch6.0.0

wsnlinkswsn_linksMatch5.0.0

wsnlinkswsn_linksMatch5.0.1

wsnlinkswsn_linksMatch5.0.2

wsnlinkswsn_linksMatch5.0.3

wsnlinkswsn_linksMatch5.0.4

wsnlinkswsn_linksMatch5.0.5

wsnlinkswsn_linksMatch5.0.6

wsnlinkswsn_linksMatch5.0.7

wsnlinkswsn_linksMatch5.0.8

wsnlinkswsn_linksMatch5.0.9

wsnlinkswsn_linksMatch5.0.10

wsnlinkswsn_linksMatch5.0.11

wsnlinkswsn_linksMatch5.0.12

wsnlinkswsn_linksMatch5.0.13

wsnlinkswsn_linksMatch5.0.14

wsnlinkswsn_linksMatch5.0.15

wsnlinkswsn_linksMatch5.0.16

wsnlinkswsn_linksMatch5.0.17

wsnlinkswsn_linksMatch5.0.18

wsnlinkswsn_linksMatch5.0.19

wsnlinkswsn_linksMatch5.0.20

wsnlinkswsn_linksMatch5.0.21

wsnlinkswsn_linksMatch5.0.22

wsnlinkswsn_linksMatch5.0.23

wsnlinkswsn_linksMatch5.0.24

wsnlinkswsn_linksMatch5.0.25

wsnlinkswsn_linksMatch5.0.26

wsnlinkswsn_linksMatch5.0.27

wsnlinkswsn_linksMatch5.0.28

wsnlinkswsn_linksMatch5.0.29

wsnlinkswsn_linksMatch5.0.30

wsnlinkswsn_linksMatch5.0.31

wsnlinkswsn_linksMatch5.0.32

wsnlinkswsn_linksMatch5.0.33

wsnlinkswsn_linksMatch5.0.34

wsnlinkswsn_linksMatch5.0.35

wsnlinkswsn_linksMatch5.0.36

wsnlinkswsn_linksMatch5.0.37

wsnlinkswsn_linksMatch5.0.38

wsnlinkswsn_linksMatch5.0.39

wsnlinkswsn_linksMatch5.0.40

wsnlinkswsn_linksMatch5.0.41

wsnlinkswsn_linksMatch5.0.42

wsnlinkswsn_linksMatch5.0.43

wsnlinkswsn_linksMatch5.0.44

wsnlinkswsn_linksMatch5.0.45

wsnlinkswsn_linksMatch5.0.46

wsnlinkswsn_linksMatch5.0.47

wsnlinkswsn_linksMatch5.0.48

wsnlinkswsn_linksMatch5.0.49

wsnlinkswsn_linksMatch5.0.50

wsnlinkswsn_linksMatch5.0.51

wsnlinkswsn_linksMatch5.0.52

wsnlinkswsn_linksMatch5.0.53

wsnlinkswsn_linksMatch5.0.54

wsnlinkswsn_linksMatch5.0.55

wsnlinkswsn_linksMatch5.0.56

wsnlinkswsn_linksMatch5.0.57

wsnlinkswsn_linksMatch5.0.58

wsnlinkswsn_linksMatch5.0.59

wsnlinkswsn_linksMatch5.0.60

wsnlinkswsn_linksMatch5.0.61

wsnlinkswsn_linksMatch5.0.62

wsnlinkswsn_linksMatch5.0.63

wsnlinkswsn_linksMatch5.0.64

wsnlinkswsn_linksMatch5.0.65

wsnlinkswsn_linksMatch5.0.66

wsnlinkswsn_linksMatch5.0.67

wsnlinkswsn_linksMatch5.0.68

wsnlinkswsn_linksMatch5.0.69

wsnlinkswsn_linksMatch5.0.70

wsnlinkswsn_linksMatch5.0.71

wsnlinkswsn_linksMatch5.0.72

wsnlinkswsn_linksMatch5.0.73

wsnlinkswsn_linksMatch5.0.74

wsnlinkswsn_linksMatch5.0.75

wsnlinkswsn_linksMatch5.0.76

wsnlinkswsn_linksMatch5.0.77

wsnlinkswsn_linksMatch5.0.78

wsnlinkswsn_linksMatch5.0.79

wsnlinkswsn_linksMatch5.0.80

VendorProductVersionCPE
wsnlinks5.1.2cpe:2.3:a:wsn:links:5.1.2:*:*:*:*:*:*:*
wsnlinks5.1.3cpe:2.3:a:wsn:links:5.1.3:*:*:*:*:*:*:*
wsnlinks5.1.17cpe:2.3:a:wsn:links:5.1.17:*:*:*:*:*:*:*
wsnlinks5.1.18cpe:2.3:a:wsn:links:5.1.18:*:*:*:*:*:*:*
wsnlinks5.1.19cpe:2.3:a:wsn:links:5.1.19:*:*:*:*:*:*:*
wsnlinks5.1.20cpe:2.3:a:wsn:links:5.1.20:*:*:*:*:*:*:*
wsnlinks5.1.21cpe:2.3:a:wsn:links:5.1.21:*:*:*:*:*:*:*
wsnlinks5.1.22cpe:2.3:a:wsn:links:5.1.22:*:*:*:*:*:*:*
wsnlinks5.1.23cpe:2.3:a:wsn:links:5.1.23:*:*:*:*:*:*:*
wsnlinks5.1.24cpe:2.3:a:wsn:links:5.1.24:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wsn	links	5.1.2	cpe:2.3:a:wsn:links:5.1.2:::::::*
wsn	links	5.1.3	cpe:2.3:a:wsn:links:5.1.3:::::::*
wsn	links	5.1.17	cpe:2.3:a:wsn:links:5.1.17:::::::*
wsn	links	5.1.18	cpe:2.3:a:wsn:links:5.1.18:::::::*
wsn	links	5.1.19	cpe:2.3:a:wsn:links:5.1.19:::::::*
wsn	links	5.1.20	cpe:2.3:a:wsn:links:5.1.20:::::::*
wsn	links	5.1.21	cpe:2.3:a:wsn:links:5.1.21:::::::*
wsn	links	5.1.22	cpe:2.3:a:wsn:links:5.1.22:::::::*
wsn	links	5.1.23	cpe:2.3:a:wsn:links:5.1.23:::::::*
wsn	links	5.1.24	cpe:2.3:a:wsn:links:5.1.24:::::::*