Lucene search

[email protected]CVE-2010-2610

HistoryJul 02, 2010 - 12:44 p.m.

CVE-2010-2610

2010-07-0212:44:00

CWE-89

[email protected]

web.nvd.nist.gov

sql injection

2daybiz job site script

cve-2010-2610

nvd

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON

Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php.

CPENameOperatorVersion
2daybiz:job_site_script2daybiz job site scripteq*

CPE	Name	Operator	Version
2daybiz:job_site_script	2daybiz job site script	eq	*

References

osvdb.org/65714

osvdb.org/65715

osvdb.org/65716

secunia.com/advisories/40301

www.exploit-db.com/exploits/14025

www.securityfocus.com/bid/41123

exchange.xforce.ibmcloud.com/vulnerabilities/59733

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON

Related for CVE-2010-2610

cvelist1 prion1