Vulnerability Description
SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Evernewscripts | Free Joke Script | 1.2 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.org/1002-exploits/evernewfjs-sql.txtExploit
- http://secunia.com/advisories/35434Vendor Advisory
- http://www.exploit-db.com/exploits/11306Exploit
- http://www.securityfocus.com/bid/38020Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56043
- http://packetstormsecurity.org/1002-exploits/evernewfjs-sql.txtExploit
- http://secunia.com/advisories/35434Vendor Advisory
- http://www.exploit-db.com/exploits/11306Exploit
- http://www.securityfocus.com/bid/38020Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56043
FAQ
What is CVE-2010-0630?
CVE-2010-0630 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
How severe is CVE-2010-0630?
CVE-2010-0630 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0630?
Check the references section above for vendor advisories and patch information. Affected products include: Evernewscripts Free Joke Script.