CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-4897

SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://bbs.wolvez.org/viewtopic.php?id=148
http://osvdb.org/67822
http://secunia.com/advisories/41255
http://bbs.wolvez.org/viewtopic.php?id=148
http://osvdb.org/67822
http://secunia.com/advisories/41255

Products affected by CVE-2010-4897

Bluecms Project » Bluecms » Version: 1.6

cpe:2.3:a:bluecms_project:bluecms:1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-4897

Products

Pricing

Contact Us