CVE

Id
47335  
CVE No.
CVE-2010-4751  
Status
Candidate  
Description
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the id parameter in an edituser action, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485.  
Phase
Assigned (20110301)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
517163 47335 CVE-2010-4751 MISC:http://holisticinfosec.org/content/view/168/45/  View
517164 47335 CVE-2010-4751 CONFIRM:http://www.lightneasy.org/punbb/viewtopic.php?id=1207  View
517165 47335 CVE-2010-4751 BID:45230  View
517166 47335 CVE-2010-4751 URL:http://www.securityfocus.com/bid/45230  View
517167 47335 CVE-2010-4751 SECUNIA:42391  View
517168 47335 CVE-2010-4751 URL:http://secunia.com/advisories/42391  View
517169 47335 CVE-2010-4751 XF:lightneasy-id-sql-injection(63723)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
33732 JVNDB-2011-003974 OpenSSH の remote_glob 関数におけるサービス運用妨害 (DoS) の脆弱性 OpenSSH、FreeBSD、NetBSD、OpenBSD およびその他の製品の (1) sftp-glob.c の remote_glob 関数および (2) sftp.c の process_put 関数には、サービス運用妨害 (CPU およびメモリの消費) 状態となる脆弱性が存在します。 CVE-2010-4755 47335 4 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003974.html  View