CVE-2010-5011
Published 2011-11-02
CVE-2010-5011: SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session…
Priority: P3 · 44 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.04% (59.7th percentile)
SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| g.rodola | pyftpdlib | >= 0 < 0.5.2 | 0.5.2 |
| schoolmation | schoolmation | — | — |
CVSS provenance
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
ghsa · 4.3 MEDIUM
GHSA
GHSA-x95h-82jw-cjx7: SQL injection vulnerability in schoolmv2/html/studentmain
ghsa_unreviewed·2022-05-17
CVE-2010-5011 [HIGH] CWE-89 GHSA-x95h-82jw-cjx7: SQL injection vulnerability in schoolmv2/html/studentmain
SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter.
GHSA
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
ghsa·2022-05-02·CVSS 4.3
CVE-2009-5011 [MEDIUM] CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerability than CVE-2010-3494.
No detection rules found.
http://packetstormsecurity.org/1006-exploits/schoolmation-sqlxss.txt
http://securityreason.com/securityalert/8508
http://www.exploit-db.com/exploits/13812/
http://www.securityfocus.com/bid/40737
https://exchange.xforce.ibmcloud.com/vulnerabilities/59347