CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-3404

Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote attackers to execute arbitrary SQL commands via the (1) Criteria field in an unspecified form related to catlgsearch.aspx or (2) user name to an unspecified form related to adminlogin.aspx.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/14980
http://www.securityfocus.com/bid/43168
https://exchange.xforce.ibmcloud.com/vulnerabilities/61767
http://www.exploit-db.com/exploits/14980
http://www.securityfocus.com/bid/43168
https://exchange.xforce.ibmcloud.com/vulnerabilities/61767

Products affected by CVE-2010-3404

Eshtery.she7ata » Eshtery Cms » Version: N/A

cpe:2.3:a:eshtery.she7ata:eshtery_cms:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-3404

Products

Pricing

Contact Us