Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
9 vulnerabilities found for bugtracker.net by ifdefined
CVE-2010-3267 (GCVE-0-2010-3267)
Vulnerability from nvd – Published: 2010-12-02 16:00 – Updated: 2024-08-07 03:03
VLAI?
Summary
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2010-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42418"
},
{
"name": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3267",
"datePublished": "2010-12-02T16:00:00.000Z",
"dateReserved": "2010-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:18.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3266 (GCVE-0-2010-3266)
Vulnerability from nvd – Published: 2010-12-02 16:00 – Updated: 2024-08-07 03:03
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2010-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42418"
},
{
"name": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3266",
"datePublished": "2010-12-02T16:00:00.000Z",
"dateReserved": "2010-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:18.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3188 (GCVE-0-2010-3188)
Vulnerability from nvd – Published: 2010-08-31 19:25 – Updated: 2024-08-07 03:03
VLAI?
Summary
SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2010-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:17.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bugtrackernet-search-sql-injection(61434)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
},
{
"name": "20100826 BugTracker.net 3.4.3 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"name": "41150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41150"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bugtrackernet-search-sql-injection(61434)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
},
{
"name": "20100826 BugTracker.net 3.4.3 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"name": "41150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41150"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bugtrackernet-search-sql-injection(61434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
},
{
"name": "20100826 BugTracker.net 3.4.3 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"name": "41150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41150"
},
{
"name": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3188",
"datePublished": "2010-08-31T19:25:00.000Z",
"dateReserved": "2010-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:17.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2010-3266
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2026-04-29 01:13
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE0A0BA-D39C-4394-915C-93BF77235C4B",
"versionEndIncluding": "3.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF42546-0F04-4D87-8132-0F4044D2DEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0810F70A-9A84-4FAB-8AA2-42361D1ADE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C1063A-68F5-4B99-A34A-5417E37B0DF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "507DFC08-4EC7-4E4C-808D-96FB4C682F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2CB9E-4483-4CB4-B3BF-4EBDBFFCE083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56364EDF-9012-4186-873D-B4CE3E78F88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "970CF80F-B6F6-45ED-AACD-4399C5582B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "61146907-863D-4D4F-8701-1A5686364AF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "200AD528-DFCC-498F-B899-50BB20689D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B20ABBD-A2B7-49BD-97E1-CFBDFE58F106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A878E271-8F3F-4970-B61C-E32EE219CA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9334855-C2C8-43D8-8A88-07D6A426DD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEE6DEE-CE01-4034-8094-6DEBE40741E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C105CC7-A0B9-4E33-AF9B-F9785AB65FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "107D414F-003B-44F7-B1E2-E05657D951C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFEE855-1E8E-4CB8-AF55-BD36AE977354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "506029FB-F5B3-47D3-8EFB-3A83775CE865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E7047CC7-C874-4F0E-A077-732549E263F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "795D1B23-E696-467C-8506-872DA571EB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA1507D-93CE-4681-B393-2CD681FEB8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18930164-2C40-40CE-994A-D50CE9175A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7B000-F67F-4964-86A9-9D4C1A16CCC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C206E95C-B21F-45C7-95EF-E1FF5249492A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8BB5D8-720B-4178-ABD8-09EA3DFB98EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B7FBA85-1EE4-4BFB-85E6-EFB18BD83F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FDDA4C-50FC-4126-A872-58E5294E6B8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC26B13-E1D5-40A6-A5E1-F6E1B16D3D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0C12B092-328A-4ACE-897F-D500F9AD269B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6163E1-AF78-4CE7-8506-518614C83EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D14EE853-8B0F-48D4-A4B2-C25615B3B2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FFCBEE-17ED-46AA-B1C6-5C44AEB160C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72B7F7C2-6C8D-43F7-8AC8-5D557CDF0FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "273269A2-3D43-4DB6-A941-DDADA6936538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "562AE9F0-F3FB-4C91-A492-EB37243E82AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40BC27FB-0CD5-4F63-8EF4-5A0AB36287C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1326B1F8-9C8F-4A51-BA2F-C7B7D04B1C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9802EC-7E48-4A6A-A3EA-3FFA86251F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D927C4C6-E73C-4D0D-9907-F8573BE92903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5DA4FA-6F60-41EA-9440-E9A440B5146B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F7AA3F-1520-4791-A3FF-AF709B7CAF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C61BA750-5746-4ED3-BA09-9C6FE106B975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45EE271D-C518-4686-9B33-6B577F284BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7532BA95-C8EB-4B6F-A17A-74E004112AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C5E4E4-3007-4248-819D-8DA22E33FA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7162777F-CC25-44D0-A7F9-E6C28496B488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA279C2B-8272-4D2C-9896-2953D506F216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D79BCB-BECB-4F9D-9638-11DD13937192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D5CC2DB8-89BB-4830-B415-08666F81F898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBB49B8-0C24-408F-BE10-EC3E7EC8017D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4DF966-7635-4B12-B9C2-0B11DD1B3494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97D96170-698F-4C4C-B1CE-ADDA41EF7988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "818B679A-8B68-4951-A93D-E43E7DE5C175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE544B6-727C-491B-825B-2F0363A17ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54140434-0CAD-46D0-830E-E162AD887B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D74D838-C925-47C5-BA10-DCEC4BE094CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9F99D478-337E-4C66-82CC-4E57C25B2DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D649CB6-E951-4B09-859A-1C136048F912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "48C8509A-5C82-4A3F-944D-7F70C42E6B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD726F2-355F-4FDD-8717-22E0742D9535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78CA28C0-D2B2-4E15-910F-9AB074F41E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25D3AC38-0C8F-41E8-9A0F-90F97F2B7A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D08A433-CF63-4766-8F8C-784A58A11826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB18E43-2D60-4C87-A41D-D81FD47A5CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C3735EFA-A1F8-4390-BD73-46EB3F16A61A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9D300E29-CE89-4AA2-8E01-A94B502C5521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFDF6E4-156F-4F42-936B-BDA144B46507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99CD46B1-7542-4AA8-9559-D2DF978EFE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "489BEE66-909B-414A-8120-3B90E8F1BA61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD07DC1-8106-4AEE-A7BB-B450B8F27CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E5F6C82-65AA-400A-9653-A00425F2F535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06F523EE-57C9-4334-931F-3EA6887AF612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "44E56DC2-4BBA-480A-9C92-C6F1D9F41263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C01D7B71-99E2-4A85-96D9-4EBE9DD8CB79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05A2A3B2-C4C2-4B95-B5AD-2FF0549641C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "328A4053-E91F-4152-B56B-0266749AA5DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF7279F-5A9C-4D2F-9375-5E08AADEA3A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C8881AAC-0A73-4F1A-8ED9-436DD0A96206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "45A028B1-E878-4CF8-80B2-69D8DF6C07EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "202EC0B8-F464-4F7D-A5FA-A33FAB3EBFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2DDB80-90AF-48B2-9C3A-45C00C829E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C680FEC2-6211-485D-B937-334CB4F1F822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04FC418C-E0BD-47EE-B386-DDB7E82F0863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6624EE-8746-418E-86ED-D484C76696A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B82A08D6-D753-41A2-BF07-22B40917C85F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en BugTracker.NET anterior a v3.4.5 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a trav\u00e9s del (1) par\u00e1metro pcd para edit_bug.aspx, (2) el par\u00e1metro bug_id para edit_comment.aspx, (3) el par\u00e1metro id para edit_user_permissions2.aspx, o (4) el par\u00e1metro default_name para edit_customfield.aspx. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
}
],
"id": "CVE-2010-3266",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-02T16:22:21.147",
"references": [
{
"source": "cve@mitre.org",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42418"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45121"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-3267
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2026-04-29 01:13
Severity ?
Summary
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE0A0BA-D39C-4394-915C-93BF77235C4B",
"versionEndIncluding": "3.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF42546-0F04-4D87-8132-0F4044D2DEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0810F70A-9A84-4FAB-8AA2-42361D1ADE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C1063A-68F5-4B99-A34A-5417E37B0DF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "507DFC08-4EC7-4E4C-808D-96FB4C682F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2CB9E-4483-4CB4-B3BF-4EBDBFFCE083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56364EDF-9012-4186-873D-B4CE3E78F88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "970CF80F-B6F6-45ED-AACD-4399C5582B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "61146907-863D-4D4F-8701-1A5686364AF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "200AD528-DFCC-498F-B899-50BB20689D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B20ABBD-A2B7-49BD-97E1-CFBDFE58F106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A878E271-8F3F-4970-B61C-E32EE219CA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9334855-C2C8-43D8-8A88-07D6A426DD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEE6DEE-CE01-4034-8094-6DEBE40741E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C105CC7-A0B9-4E33-AF9B-F9785AB65FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "107D414F-003B-44F7-B1E2-E05657D951C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFEE855-1E8E-4CB8-AF55-BD36AE977354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "506029FB-F5B3-47D3-8EFB-3A83775CE865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E7047CC7-C874-4F0E-A077-732549E263F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "795D1B23-E696-467C-8506-872DA571EB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA1507D-93CE-4681-B393-2CD681FEB8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18930164-2C40-40CE-994A-D50CE9175A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7B000-F67F-4964-86A9-9D4C1A16CCC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C206E95C-B21F-45C7-95EF-E1FF5249492A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8BB5D8-720B-4178-ABD8-09EA3DFB98EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B7FBA85-1EE4-4BFB-85E6-EFB18BD83F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FDDA4C-50FC-4126-A872-58E5294E6B8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC26B13-E1D5-40A6-A5E1-F6E1B16D3D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0C12B092-328A-4ACE-897F-D500F9AD269B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6163E1-AF78-4CE7-8506-518614C83EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D14EE853-8B0F-48D4-A4B2-C25615B3B2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FFCBEE-17ED-46AA-B1C6-5C44AEB160C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72B7F7C2-6C8D-43F7-8AC8-5D557CDF0FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "273269A2-3D43-4DB6-A941-DDADA6936538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "562AE9F0-F3FB-4C91-A492-EB37243E82AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40BC27FB-0CD5-4F63-8EF4-5A0AB36287C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1326B1F8-9C8F-4A51-BA2F-C7B7D04B1C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9802EC-7E48-4A6A-A3EA-3FFA86251F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D927C4C6-E73C-4D0D-9907-F8573BE92903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5DA4FA-6F60-41EA-9440-E9A440B5146B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F7AA3F-1520-4791-A3FF-AF709B7CAF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C61BA750-5746-4ED3-BA09-9C6FE106B975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45EE271D-C518-4686-9B33-6B577F284BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7532BA95-C8EB-4B6F-A17A-74E004112AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C5E4E4-3007-4248-819D-8DA22E33FA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7162777F-CC25-44D0-A7F9-E6C28496B488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA279C2B-8272-4D2C-9896-2953D506F216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D79BCB-BECB-4F9D-9638-11DD13937192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D5CC2DB8-89BB-4830-B415-08666F81F898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBB49B8-0C24-408F-BE10-EC3E7EC8017D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4DF966-7635-4B12-B9C2-0B11DD1B3494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97D96170-698F-4C4C-B1CE-ADDA41EF7988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "818B679A-8B68-4951-A93D-E43E7DE5C175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE544B6-727C-491B-825B-2F0363A17ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54140434-0CAD-46D0-830E-E162AD887B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D74D838-C925-47C5-BA10-DCEC4BE094CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9F99D478-337E-4C66-82CC-4E57C25B2DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D649CB6-E951-4B09-859A-1C136048F912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "48C8509A-5C82-4A3F-944D-7F70C42E6B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD726F2-355F-4FDD-8717-22E0742D9535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78CA28C0-D2B2-4E15-910F-9AB074F41E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25D3AC38-0C8F-41E8-9A0F-90F97F2B7A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D08A433-CF63-4766-8F8C-784A58A11826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB18E43-2D60-4C87-A41D-D81FD47A5CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C3735EFA-A1F8-4390-BD73-46EB3F16A61A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9D300E29-CE89-4AA2-8E01-A94B502C5521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFDF6E4-156F-4F42-936B-BDA144B46507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99CD46B1-7542-4AA8-9559-D2DF978EFE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "489BEE66-909B-414A-8120-3B90E8F1BA61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD07DC1-8106-4AEE-A7BB-B450B8F27CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E5F6C82-65AA-400A-9653-A00425F2F535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06F523EE-57C9-4334-931F-3EA6887AF612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "44E56DC2-4BBA-480A-9C92-C6F1D9F41263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C01D7B71-99E2-4A85-96D9-4EBE9DD8CB79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05A2A3B2-C4C2-4B95-B5AD-2FF0549641C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "328A4053-E91F-4152-B56B-0266749AA5DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF7279F-5A9C-4D2F-9375-5E08AADEA3A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C8881AAC-0A73-4F1A-8ED9-436DD0A96206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "45A028B1-E878-4CF8-80B2-69D8DF6C07EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "202EC0B8-F464-4F7D-A5FA-A33FAB3EBFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2DDB80-90AF-48B2-9C3A-45C00C829E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C680FEC2-6211-485D-B937-334CB4F1F822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04FC418C-E0BD-47EE-B386-DDB7E82F0863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6624EE-8746-418E-86ED-D484C76696A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B82A08D6-D753-41A2-BF07-22B40917C85F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en BugTracker.NET anterior a v3.4.5, permite a usuarios autenticados ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del (1) par\u00e1metro qu_id para bugs.aspx, (2) el par\u00e1metro row_iw para delete_query.aspx, (3) el par\u00e1metro new_project o (4) el par\u00e1metro us_id para edit_bug.aspx, o (5) el par\u00e1metro bug_list para massedit.aspx. NOTA: algunos de estos detalles han sido obtenidos a partir de terceros."
}
],
"id": "CVE-2010-3267",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-02T16:22:21.177",
"references": [
{
"source": "cve@mitre.org",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42418"
},
{
"source": "cve@mitre.org",
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45121"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-3188
Vulnerability from fkie_nvd - Published: 2010-08-31 20:00 - Updated: 2026-04-29 01:13
Severity ?
Summary
SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C5F1FF-D44A-4869-BBA2-706DA26E4EEF",
"versionEndIncluding": "3.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF42546-0F04-4D87-8132-0F4044D2DEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0810F70A-9A84-4FAB-8AA2-42361D1ADE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C1063A-68F5-4B99-A34A-5417E37B0DF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "507DFC08-4EC7-4E4C-808D-96FB4C682F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2CB9E-4483-4CB4-B3BF-4EBDBFFCE083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56364EDF-9012-4186-873D-B4CE3E78F88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "970CF80F-B6F6-45ED-AACD-4399C5582B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "61146907-863D-4D4F-8701-1A5686364AF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "200AD528-DFCC-498F-B899-50BB20689D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B20ABBD-A2B7-49BD-97E1-CFBDFE58F106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A878E271-8F3F-4970-B61C-E32EE219CA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9334855-C2C8-43D8-8A88-07D6A426DD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEE6DEE-CE01-4034-8094-6DEBE40741E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C105CC7-A0B9-4E33-AF9B-F9785AB65FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "107D414F-003B-44F7-B1E2-E05657D951C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFEE855-1E8E-4CB8-AF55-BD36AE977354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "506029FB-F5B3-47D3-8EFB-3A83775CE865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E7047CC7-C874-4F0E-A077-732549E263F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "795D1B23-E696-467C-8506-872DA571EB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA1507D-93CE-4681-B393-2CD681FEB8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18930164-2C40-40CE-994A-D50CE9175A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7B000-F67F-4964-86A9-9D4C1A16CCC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C206E95C-B21F-45C7-95EF-E1FF5249492A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8BB5D8-720B-4178-ABD8-09EA3DFB98EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B7FBA85-1EE4-4BFB-85E6-EFB18BD83F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FDDA4C-50FC-4126-A872-58E5294E6B8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC26B13-E1D5-40A6-A5E1-F6E1B16D3D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0C12B092-328A-4ACE-897F-D500F9AD269B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6163E1-AF78-4CE7-8506-518614C83EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D14EE853-8B0F-48D4-A4B2-C25615B3B2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FFCBEE-17ED-46AA-B1C6-5C44AEB160C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72B7F7C2-6C8D-43F7-8AC8-5D557CDF0FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "273269A2-3D43-4DB6-A941-DDADA6936538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "562AE9F0-F3FB-4C91-A492-EB37243E82AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40BC27FB-0CD5-4F63-8EF4-5A0AB36287C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1326B1F8-9C8F-4A51-BA2F-C7B7D04B1C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9802EC-7E48-4A6A-A3EA-3FFA86251F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D927C4C6-E73C-4D0D-9907-F8573BE92903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5DA4FA-6F60-41EA-9440-E9A440B5146B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F7AA3F-1520-4791-A3FF-AF709B7CAF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C61BA750-5746-4ED3-BA09-9C6FE106B975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45EE271D-C518-4686-9B33-6B577F284BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7532BA95-C8EB-4B6F-A17A-74E004112AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C5E4E4-3007-4248-819D-8DA22E33FA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7162777F-CC25-44D0-A7F9-E6C28496B488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA279C2B-8272-4D2C-9896-2953D506F216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D79BCB-BECB-4F9D-9638-11DD13937192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D5CC2DB8-89BB-4830-B415-08666F81F898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBB49B8-0C24-408F-BE10-EC3E7EC8017D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4DF966-7635-4B12-B9C2-0B11DD1B3494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97D96170-698F-4C4C-B1CE-ADDA41EF7988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "818B679A-8B68-4951-A93D-E43E7DE5C175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE544B6-727C-491B-825B-2F0363A17ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54140434-0CAD-46D0-830E-E162AD887B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D74D838-C925-47C5-BA10-DCEC4BE094CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9F99D478-337E-4C66-82CC-4E57C25B2DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D649CB6-E951-4B09-859A-1C136048F912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "48C8509A-5C82-4A3F-944D-7F70C42E6B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:2.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD726F2-355F-4FDD-8717-22E0742D9535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78CA28C0-D2B2-4E15-910F-9AB074F41E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25D3AC38-0C8F-41E8-9A0F-90F97F2B7A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D08A433-CF63-4766-8F8C-784A58A11826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB18E43-2D60-4C87-A41D-D81FD47A5CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C3735EFA-A1F8-4390-BD73-46EB3F16A61A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9D300E29-CE89-4AA2-8E01-A94B502C5521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFDF6E4-156F-4F42-936B-BDA144B46507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99CD46B1-7542-4AA8-9559-D2DF978EFE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "489BEE66-909B-414A-8120-3B90E8F1BA61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD07DC1-8106-4AEE-A7BB-B450B8F27CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E5F6C82-65AA-400A-9653-A00425F2F535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06F523EE-57C9-4334-931F-3EA6887AF612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "44E56DC2-4BBA-480A-9C92-C6F1D9F41263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C01D7B71-99E2-4A85-96D9-4EBE9DD8CB79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05A2A3B2-C4C2-4B95-B5AD-2FF0549641C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "328A4053-E91F-4152-B56B-0266749AA5DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF7279F-5A9C-4D2F-9375-5E08AADEA3A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C8881AAC-0A73-4F1A-8ED9-436DD0A96206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "45A028B1-E878-4CF8-80B2-69D8DF6C07EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "202EC0B8-F464-4F7D-A5FA-A33FAB3EBFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2DDB80-90AF-48B2-9C3A-45C00C829E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C680FEC2-6211-485D-B937-334CB4F1F822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04FC418C-E0BD-47EE-B386-DDB7E82F0863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ifdefined:bugtracker.net:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6624EE-8746-418E-86ED-D484C76696A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en search.aspx en BugTracker.NET v3.4.3 y anteriores permite a atacantes remotos ejecutar comandos SQL a trav\u00e9s de un campo personalizado de b\u00b4\u00fasqueda de p\u00e1gina."
}
],
"id": "CVE-2010-3188",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-31T20:00:01.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41150"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-3266 (GCVE-0-2010-3266)
Vulnerability from cvelistv5 – Published: 2010-12-02 16:00 – Updated: 2024-08-07 03:03
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2010-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42418"
},
{
"name": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3266",
"datePublished": "2010-12-02T16:00:00.000Z",
"dateReserved": "2010-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:18.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3267 (GCVE-0-2010-3267)
Vulnerability from cvelistv5 – Published: 2010-12-02 16:00 – Updated: 2024-08-07 03:03
VLAI?
Summary
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2010-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://btnet.svn.sourceforge.net/viewvc/btnet/RELEASE_NOTES.TXT?revision=578\u0026view=markup"
},
{
"name": "15653",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15653"
},
{
"name": "20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514957/100/0/threaded"
},
{
"name": "45121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45121"
},
{
"name": "42418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42418"
},
{
"name": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3267",
"datePublished": "2010-12-02T16:00:00.000Z",
"dateReserved": "2010-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:18.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3188 (GCVE-0-2010-3188)
Vulnerability from cvelistv5 – Published: 2010-08-31 19:25 – Updated: 2024-08-07 03:03
VLAI?
Summary
SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2010-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:17.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bugtrackernet-search-sql-injection(61434)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
},
{
"name": "20100826 BugTracker.net 3.4.3 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"name": "41150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41150"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bugtrackernet-search-sql-injection(61434)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
},
{
"name": "20100826 BugTracker.net 3.4.3 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"name": "41150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41150"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bugtrackernet-search-sql-injection(61434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434"
},
{
"name": "20100826 BugTracker.net 3.4.3 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded"
},
{
"name": "41150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41150"
},
{
"name": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3188",
"datePublished": "2010-08-31T19:25:00.000Z",
"dateReserved": "2010-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:17.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}