NVD

Id
12164  
Name
CVE-2010-0614  
Description
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2010-02-11  
Modified Date
2010-02-12  
Seq
2010-0614  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
66930 12164 CVE-2010-0614 http://packetstormsecurity.org/1002-exploits/corelan-10-008-evalmsi.txt  View
66931 12164 CVE-2010-0614 http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-008-evalmsi-2-1-03-multiple-vulnerabilities/  View
66932 12164 CVE-2010-0614 20100204 CORELAN-10-008 - Multiple vulnerabilities found in evalmsi 2.1.03  View
66933 12164 CVE-2010-0614 38116  View
66934 12164 CVE-2010-0614 evalsmsi-ajax-sql-injection(56152)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
38711 JVNDB-2010-004496 evalSMSI の ajax.php における SQL インジェクションの脆弱性 evalSMSI の ajax.php には、SQL インジェクションの脆弱性が存在します。 CVE-2010-0614 43194 CVE-2010-0614 12164 7.5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004496.html 2010-02-11 2012-09-25 View