Vulnerability Details CVE-2010-1867
SQL injection vulnerability in the ArticleAttachment::GetAttachmentsByArticleNumber method in javascript/tinymcs/plugins/campsiteattachment/attachments.php in Campsite 3.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/64215
- http://php-security.org/2010/05/01/mops-2010-002-campsite-tinymce-article-attachment-sql-injection-vulnerability/index.html
- http://secunia.com/advisories/39580
- http://www.campware.org/en/camp/campsite_news/832/
- http://www.securityfocus.com/bid/39862
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58285
- http://osvdb.org/64215
- http://php-security.org/2010/05/01/mops-2010-002-campsite-tinymce-article-attachment-sql-injection-vulnerability/index.html
- http://secunia.com/advisories/39580
- http://www.campware.org/en/camp/campsite_news/832/
- http://www.securityfocus.com/bid/39862
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58285
Products affected by CVE-2010-1867
-
cpe:2.3:a:campware.org:campsite:*
-
cpe:2.3:a:campware.org:campsite:2.2.2
-
cpe:2.3:a:campware.org:campsite:2.3.3
-
cpe:2.3:a:campware.org:campsite:2.4.3
-
cpe:2.3:a:campware.org:campsite:2.5.2
-
cpe:2.3:a:campware.org:campsite:2.6.0
-
cpe:2.3:a:campware.org:campsite:2.6.1
-
cpe:2.3:a:campware.org:campsite:2.6.9
-
cpe:2.3:a:campware.org:campsite:2.7.0
-
cpe:2.3:a:campware.org:campsite:3.0.3
-
cpe:2.3:a:campware.org:campsite:3.1.0
-
cpe:2.3:a:campware.org:campsite:3.1.1
-
cpe:2.3:a:campware.org:campsite:3.1.2
-
cpe:2.3:a:campware.org:campsite:3.1.3
-
cpe:2.3:a:campware.org:campsite:3.2.0
-
cpe:2.3:a:campware.org:campsite:3.2.1
-
cpe:2.3:a:campware.org:campsite:3.2.2
-
cpe:2.3:a:campware.org:campsite:3.2.3
-
cpe:2.3:a:campware.org:campsite:3.3.0
-
cpe:2.3:a:campware.org:campsite:3.3.1
-
cpe:2.3:a:campware.org:campsite:3.3.2
-
cpe:2.3:a:campware.org:campsite:3.3.3
-
cpe:2.3:a:campware.org:campsite:3.3.4