Vulnerability Description
SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpscripte24 | Web Social Network Freunde Community | 2.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/64513
- http://packetstormsecurity.org/1005-exploits/web20snfcs-sql.txtExploit
- http://secunia.com/advisories/39761Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58583
- http://osvdb.org/64513
- http://packetstormsecurity.org/1005-exploits/web20snfcs-sql.txtExploit
- http://secunia.com/advisories/39761Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58583
FAQ
What is CVE-2010-1923?
CVE-2010-1923 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgall...
How severe is CVE-2010-1923?
CVE-2010-1923 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1923?
Check the references section above for vendor advisories and patch information. Affected products include: Phpscripte24 Web Social Network Freunde Community.