HomePentest-Tools.com Logo

CMSQlite index.php SQL Injection and Directory Traversal Vulnerabilities CVE-2010-2095CVE-2010-2096

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

CMSQlite is prone to multiple SQL injection and directory traversal vulnerabilities.

Risk description

The flaws are due to: - Improper validation of user supplied input to c parameter in index.php, allows attackers to execute SQL commands. - Improper validation of user supplied input to mod parameter in index.php, allows attackers to include and execute local files. Successful exploitation will allow attackers to execute SQL commands and arbitrary local files.

Recommendation

Upgrade to CMSQlite 1.3 later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
May 27, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available