VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-2098

e107: Incomplete blacklist vulnerability in usersettings....

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2098

Original

Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-05-27

Source Information Category:

Advisory, Alert

Last Updated:

2010-05-28

Affected Product Tags

cpe:/a:e107:e107:0.545

cpe:/a:e107:e107:0.547:beta

cpe:/a:e107:e107:0.548:beta

cpe:/a:e107:e107:0.549:beta

cpe:/a:e107:e107:0.551:beta

cpe:/a:e107:e107:0.552:beta

cpe:/a:e107:e107:0.553:beta

cpe:/a:e107:e107:0.554

cpe:/a:e107:e107:0.554:beta

cpe:/a:e107:e107:0.555:beta

cpe:/a:e107:e107:0.600

cpe:/a:e107:e107:0.601

cpe:/a:e107:e107:0.602

cpe:/a:e107:e107:0.603

cpe:/a:e107:e107:0.604

cpe:/a:e107:e107:0.605

cpe:/a:e107:e107:0.606

cpe:/a:e107:e107:0.607

cpe:/a:e107:e107:0.608

cpe:/a:e107:e107:0.609

cpe:/a:e107:e107:0.610

cpe:/a:e107:e107:0.611

cpe:/a:e107:e107:0.612

cpe:/a:e107:e107:0.613

cpe:/a:e107:e107:0.614

cpe:/a:e107:e107:0.615

cpe:/a:e107:e107:0.615a

cpe:/a:e107:e107:0.616

cpe:/a:e107:e107:0.617

cpe:/a:e107:e107:0.6171

cpe:/a:e107:e107:0.6172

cpe:/a:e107:e107:0.6173

cpe:/a:e107:e107:0.6174

cpe:/a:e107:e107:0.6175

cpe:/a:e107:e107:0.6_10

cpe:/a:e107:e107:0.6_11

cpe:/a:e107:e107:0.6_12

cpe:/a:e107:e107:0.6_13

cpe:/a:e107:e107:0.6_14

cpe:/a:e107:e107:0.6_15

cpe:/a:e107:e107:0.6_15a

cpe:/a:e107:e107:0.7

cpe:/a:e107:e107:0.7.0

cpe:/a:e107:e107:0.7.1

cpe:/a:e107:e107:0.7.10

cpe:/a:e107:e107:0.7.11

cpe:/a:e107:e107:0.7.12

cpe:/a:e107:e107:0.7.13

cpe:/a:e107:e107:0.7.14

cpe:/a:e107:e107:0.7.15

cpe:/a:e107:e107:0.7.16

cpe:/a:e107:e107:0.7.17

cpe:/a:e107:e107:0.7.18

cpe:/a:e107:e107:0.7.19

cpe:/a:e107:e107:0.7.2

cpe:/a:e107:e107:0.7.20 and previous versions

cpe:/a:e107:e107:0.7.3

cpe:/a:e107:e107:0.7.4

cpe:/a:e107:e107:0.7.5

cpe:/a:e107:e107:0.7.6

cpe:/a:e107:e107:0.7.7

cpe:/a:e107:e107:0.7.8

cpe:/a:e107:e107:0.7.9

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

CONFIRM http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/usersettings.php?r1=11538&r2=11541

CONFIRM http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/usersettings.php?r1=11521&r2=11538

Vulnerability Type Other (NVD-CWE-Other)