CVE-2010-3482
published 2010-09-22CVE-2010-3482: Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via…
PriorityP337medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EXPLOIT
EPSS
0.92%
55.8th percentile
Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bouzouste | primitive_cms | — | — |
CVSS provenance
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vendor_redhat6.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-c999-27cf-hx87: Multiple SQL injection vulnerabilities in cms_write
ghsa_unreviewed·2022-05-17·CVSS 7.5
CVE-2010-3482 [HIGH] CWE-89 GHSA-c999-27cf-hx87: Multiple SQL injection vulnerabilities in cms_write
Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication.
Red Hat
: cups possible arbitrary code execution via suid lppasswd (STR #3482)
vendor_redhat·2010-03-03·CVSS 6.9
CVE-2010-0393 [MEDIUM] : cups possible arbitrary code execution via suid lppasswd (STR #3482)
: cups possible arbitrary code execution via suid lppasswd (STR #3482)
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.
Statement: This issue did not affected Red Hat Enterprise Linux 3 and 4 due to the lack of localization in lppasswd as provided in those releases.
The affected code is present in Red Hat Enterprise Linux 5, however lppasswd is not shipped setuid so is not vulnerable to this issue. If a user were to enable the setuid bit on lppasswd, the impact would only be a crash of lppasswd due to use of FORTIFY_S
No detection rules found.
http://packetstormsecurity.org/1009-exploits/primitive-sqlxss.txthttp://www.exploit-db.com/exploits/15064http://www.vupen.com/english/advisories/2010/2458http://packetstormsecurity.org/1009-exploits/primitive-sqlxss.txthttp://www.exploit-db.com/exploits/15064http://www.vupen.com/english/advisories/2010/2458
2010-09-22
Published