CVE-2010-1046

CVE-2010-1046

EPSS 1.0%

Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/62162 http://secunia.com/advisories/38440 http://www.exploit-db.com/exploits/11356 http://www.vupen.com/english/advisories/2010/0318