PT-2011-1950 · 2Daybiz · 2Daybiz Network Community Script

Sid3^Effects

Publicado

2011-11-02

Atualizado

2017-08-29

CVE-2010-5015

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions 2daybiz Network Community Script (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the alb parameter in the view photo.php file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2010-5015

Produtos afetados

2Daybiz Network Community Script

PT-2011-1950 · 2Daybiz · 2Daybiz Network Community Script

CVE-2010-5015

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7