Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-4916

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2010-4916
Last Modified 13 Feb 2012 11:02:35
Published 08 Oct 2011 06:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2010-4916

Summary

Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.

Vulnerable Systems

Application

  • Coldgen Coldusergroup 1.06


References

XF - coldbookmarks-index-sql-injection(61638)

BID - 43035

EXPLOIT-DB - 14935

SECUNIA - 41335

MISC - http://packetstormsecurity.org/1009-exploits/coldusergroup-sql.txt

SREASON - 8448


Last Updated: 27 May 2016 10:58:12