CVE-2010-0471

Published Feb 2, 2010

Last updated 15 years ago

CVSS info 7.5

Overview

Description: SQL injection vulnerability in the comment submission interface (includes/comment.php) in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01A301A4-BA15-4EBD-B39B-7A90A513CF25",
            "versionEndIncluding": "1.0.6"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:0.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "630B5F38-8EBA-4804-B709-AE43DA8C874E"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:0.8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D97E7481-14CC-4B48-BCDE-F1A704ED633F"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:0.8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1E4CED9-474D-4A04-A3FB-EA72A936C251"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:0.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC77562A-FE35-4418-AC27-EF3FCD37FD86"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:0.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C44BED19-8310-4163-9ECC-15A006B53AF7"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:0.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AA1AEA7-02BD-4B11-A2EF-80BAE7E76CBF"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:0.9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42033D99-6882-4CCE-B609-5C1694BC5BE3"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D6EA825-E24E-4A77-B589-3CBCBD599C55"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBB53BEC-D904-4D09-B7F2-EAA8251216DF"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDB7D7FB-3CD4-46D1-A4AC-D9464E5B16ED"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:1.0.2b1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B9F691A-B7D5-42E2-8685-E23513C9E17F"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70AB7418-B24F-4243-9BFE-EABDBAB882D5"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D702462C-3785-47F9-8589-0F402914F9F6"
          },
          {
            "criteria": "cpe:2.3:a:enanocms:enanocms:1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67744B18-8CB8-4F91-8B62-BD1F694DA421"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References