CVE-2010-0469

Published Feb 2, 2010

Last updated 7 years ago

Overview

Description: SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, and possibly other versions and models, allows remote attackers to execute arbitrary SQL commands via unspecified parameters to the login page.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:files2links:f2l_3000_appliance:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D205897-9B8B-49D5-940D-545F031D8BA7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References