CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-1093

SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.3%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/38775
http://www.bugreport.ir/index_69.htm
http://www.securityfocus.com/bid/38476
http://secunia.com/advisories/38775
http://www.bugreport.ir/index_69.htm
http://www.securityfocus.com/bid/38476

Products affected by CVE-2010-1093

1024cms » 1024 Cms » Version: 2.1.1

cpe:2.3:a:1024cms:1024_cms:2.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1093

Products

Pricing

Contact Us