Vulnerability Description
SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Customerparadigm | Pagedirector Cms | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/65830
- http://packetstormsecurity.org/1006-exploits/pagedirector-sqladdadmin.txtExploit
- http://secunia.com/advisories/40367Vendor Advisory
- http://www.exploit-db.com/exploits/14089Exploit
- http://www.securityfocus.com/bid/41184Exploit
- http://www.vupen.com/english/advisories/2010/1633Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59844
- http://osvdb.org/65830
- http://packetstormsecurity.org/1006-exploits/pagedirector-sqladdadmin.txtExploit
- http://secunia.com/advisories/40367Vendor Advisory
- http://www.exploit-db.com/exploits/14089Exploit
- http://www.securityfocus.com/bid/41184Exploit
- http://www.vupen.com/english/advisories/2010/1633Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59844
FAQ
What is CVE-2010-2684?
CVE-2010-2684 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
How severe is CVE-2010-2684?
CVE-2010-2684 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2684?
Check the references section above for vendor advisories and patch information. Affected products include: Customerparadigm Pagedirector Cms.