CVE-2010-1918

SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:efrontlearning:efront:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:*:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.6:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.4:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.0:beta3:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.0:beta4:*:*:*:*:*:*

Information

Published : 2010-05-12 04:46

Updated : 2010-05-12 12:36


NVD link : CVE-2010-1918

Mitre link : CVE-2010-1918


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

efrontlearning

  • efront