All the vulnerabilites related to shape5 - bridge_of_hope_template
Vulnerability from fkie_nvd
Published
2010-06-09 20:30
Modified
2024-11-21 01:16
Severity ?
Summary
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| shape5 | bridge_of_hope_template | * | |
| joomla | joomla\! | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:shape5:bridge_of_hope_template:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43D09E36-44F4-4B70-B994-59237EA0A72C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC7400C-F6AF-4B5E-A34B-0222F94DCC46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la plantilla \"Shape5 Bridge of Hope\" de Joomla! permite a los atacantes remotos ejecutar comandos SQL a su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"id\" en una acci\u00f3n \"article\" a index.php."
}
],
"id": "CVE-2010-2254",
"lastModified": "2024-11-21T01:16:14.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-09T20:30:24.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/10964"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37602"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/10964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0019"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2010-2254
Vulnerability from cvelistv5
Published
2010-06-09 20:00
Modified
2024-08-07 02:25
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2010/0019 | vdb-entry, x_refsource_VUPEN | |
| http://www.exploit-db.com/exploits/10964 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/37602 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:25:07.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt"
},
{
"name": "ADV-2010-0019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0019"
},
{
"name": "10964",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/10964"
},
{
"name": "37602",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-27T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt"
},
{
"name": "ADV-2010-0019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0019"
},
{
"name": "10964",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/10964"
},
{
"name": "37602",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt"
},
{
"name": "ADV-2010-0019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0019"
},
{
"name": "10964",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10964"
},
{
"name": "37602",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2254",
"datePublished": "2010-06-09T20:00:00",
"dateReserved": "2010-06-09T00:00:00",
"dateUpdated": "2024-08-07T02:25:07.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}