CVE-2010-3212

Published Sep 3, 2010

Last updated 7 years ago

Overview

Description: SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "602F0728-F961-4E75-88A8-40A31971F971",
            "versionEndIncluding": "0.6.7"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57055AA8-8937-4F3D-94C4-A71006F446ED"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D47F05A-68BD-4392-A1F2-7AAB94495BE1"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC2548CF-1DFF-4889-AA02-214CC165328B"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FEFA7E9-5380-4E68-866E-A9246A09A741"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A388222E-445F-4C64-BDD6-42450DAD36DE"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1A2F16D-22DE-435F-BFDE-B8086D078381"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F46650A-915A-4094-9189-AACC681A3FFE"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63D07A47-35FF-46DD-B00E-CD8E9C558C3A"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36CE1627-C7CB-4EF4-B1AD-E88CA153375E"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56E57B12-0614-45D9-9315-47124EEC74B1"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B429C44-8AF8-4B07-89F6-D06F981D317B"
          },
          {
            "criteria": "cpe:2.3:a:seagullproject.org:seagull:0.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A917727-24C6-4E80-BF8C-CA4465B75E18"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References