Executive Summary

Informations
NameCVE-2010-5020First vendor Publication2011-11-02
VendorCveLast vendor Modification2013-08-28

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5020

CWE : Common Weakness Enumeration

idName
CWE-89Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2011-11-14Name : NetArt Media iBoutique 'page' SQL Injection and XSS Vulnerabilities
File : nvt/gb_netart_media_iboutique_mult_sql_inj_n_xss_vuln.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
76887NetArt Media iBoutique index.php page Parameter SQL Injection

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/41014
EXPLOIT-DBhttp://www.exploit-db.com/exploits/13945
SECUNIAhttp://secunia.com/advisories/31871

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2013-08-29 13:19:46
  • Multiple Updates
2013-05-10 23:40:32
  • Multiple Updates