CVE-2010-2672
Published Jul 8, 2010
Last updated 14 years ago
Overview
- Description
- Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-89
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDF55F25-B30D-4FC9-ADA7-7F185CD5338F"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CC77C98-2C37-49CE-AFB4-49D84BEC78FE"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "568B3930-DDA1-4582-B1E8-BA4B4E83E49B"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24159950-04AD-43EA-BEC5-C306A438CEDF"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AF33FE5-094B-42E3-AFB4-EE344A0161D9"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00844C2C-259B-4685-9B26-F9AD6B8C2019"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1E923D5-B60D-4822-B1A7-AB3B32D3BA0B"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "076912DC-A491-4572-A5F8-8E16783990BE"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34BB6ECF-28F3-429B-96C4-EC4A49CFEE06"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63C48844-569E-4274-B039-285D20A257E6"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0853588-C50C-4BE0-9594-D015153E78FA"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E618D0C6-1679-44A2-B809-451E6EBDA57F"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F050C746-AC77-4C50-BA1E-7308415C56E3"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:4.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D41CE6FC-9CCB-4D26-9F93-F9FBD2381A8E"
}
],
"operator": "OR"
}
]
}
]