Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-4922

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2010-4922
Last Modified 13 Feb 2012 12:00:00
Published 09 Oct 2011 06:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2010-4922

Summary

Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow remote attackers to execute arbitrary SQL commands via the i parameter in an edit action to (1) contentAE.asp or (2) templatesAE.asp.

Vulnerable Systems

Application

  • Allinta Cms 22.07.2010


References

BID - 42320

BUGTRAQ - 20100809 SQL injection vulnerability in allinta CMS

MISC - http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms_1.html

MISC - http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms.html

SREASON - 8453


Last Updated: 27 May 2016 10:58:12