Vulnerability Details CVE-2010-5023
SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://packetstormsecurity.org/1006-exploits/digitalinterchange-sql.txt
- http://securityreason.com/securityalert/8513
- http://www.exploit-db.com/exploits/13860
- http://www.securityfocus.com/bid/40829
- http://www.vupen.com/english/advisories/2010/1464
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59425
- http://packetstormsecurity.org/1006-exploits/digitalinterchange-sql.txt
- http://securityreason.com/securityalert/8513
- http://www.exploit-db.com/exploits/13860
- http://www.securityfocus.com/bid/40829
- http://www.vupen.com/english/advisories/2010/1464
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59425
Products affected by CVE-2010-5023
-
cpe:2.3:a:cramerdev:digital_interchange_calendar:5.8.5