Vulnerability-Lookup

CVE-2010-1521 (GCVE-0-2010-1521)

Vulnerability from cvelistv5 – Published: 2010-06-30 18:00 – Updated: 2024-08-07 01:28

Summary

SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.

Severity ?

No CVSS data available.

CWE

Assigner

flexera

References

URL

Tags

	http://secunia.com/advisories/40025	third-party-advisoryx_refsource_SECUNIA
	http://www.taskfreak.com/original/versions	x_refsource_CONFIRM
	http://secunia.com/secunia_research/2010-79/	x_refsource_MISC
	http://www.securityfocus.com/archive/1/512077/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/41218	vdb-entryx_refsource_BID
	http://osvdb.org/65847	vdb-entryx_refsource_OSVDB

Date Public ?

2010-06-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:28:41.823Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40025",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40025"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.taskfreak.com/original/versions"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2010-79/"
          },
          {
            "name": "20100629 Secunia Research: TaskFreak \"password\" SQL Injection Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
          },
          {
            "name": "41218",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/41218"
          },
          {
            "name": "65847",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/65847"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-06-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01.000Z",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "40025",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40025"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.taskfreak.com/original/versions"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2010-79/"
        },
        {
          "name": "20100629 Secunia Research: TaskFreak \"password\" SQL Injection Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
        },
        {
          "name": "41218",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/41218"
        },
        {
          "name": "65847",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/65847"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2010-1521",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40025",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40025"
            },
            {
              "name": "http://www.taskfreak.com/original/versions",
              "refsource": "CONFIRM",
              "url": "http://www.taskfreak.com/original/versions"
            },
            {
              "name": "http://secunia.com/secunia_research/2010-79/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2010-79/"
            },
            {
              "name": "20100629 Secunia Research: TaskFreak \"password\" SQL Injection Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
            },
            {
              "name": "41218",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/41218"
            },
            {
              "name": "65847",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/65847"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2010-1521",
    "datePublished": "2010-06-30T18:00:00.000Z",
    "dateReserved": "2010-04-26T00:00:00.000Z",
    "dateUpdated": "2024-08-07T01:28:41.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2010-1521",
      "date": "2026-04-24",
      "epss": "0.00706",
      "percentile": "0.72228"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.6.3\", \"matchCriteriaId\": \"DBD16390-3175-4C4E-AC14-D91C79039DA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74916DB4-F9CA-4F78-B5A2-4530A1D73BF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3781C274-BC6C-46F5-A979-80EAFD8987DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"149B6905-52E4-4BE6-AB01-3E59B0A73DA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0A8FBA7-9263-4552-AD4A-448168EDE32E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B9406CC-9A11-4D15-B1F2-1DE37C5B4E76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEB490CD-F78D-4F96-87B5-76867BF08255\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28A37BFB-42C7-48F9-A228-E6B4F81812EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5236352-5D37-448C-83E7-AF82EA76BD7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88C2E85E-84B3-4A84-A52C-8BD3902BF23D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DF2DF24-A42C-4957-860D-8A0EF399CC6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"374983C0-7EF9-4FBA-93DC-2F3E4581E4A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C85E71E8-DFA7-470E-A670-1C41EEC3D597\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24F85B2D-E51C-4A3B-8DB8-3BE86772A38F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62C122D9-4B85-4059-A738-B967045D4D95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE1C0AED-B6C8-4DE4-8264-555A44A26AC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92D7514F-9AE9-47E4-8CC6-953F826FBF2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"621B4E9A-C52F-4EBF-90F0-A886A0F630D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A49163CC-9887-4536-A219-CBE36B5D4203\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB88A669-1CB6-4D75-B7F5-6A34BAA01265\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C67D40D-460F-43A1-B59B-E5C4A52E76FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"153CBC88-E83E-48B6-9971-A5710770C597\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"895D354C-6983-45FB-AD8F-33974DB0D277\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADF3DBF5-F5D2-4348-8938-695B32C1DF26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DAB3243-5A9C-4594-91E7-31CA2885CB0E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidades de inyecci\\u00f3n SQL en include/classes/tzn_user.php en TaskFreak! Original multiusuario anterior a v0.6.4 permite a atacantes remotos ejecutar comandos SQL arbitrarios mediante el par\\u00e1metro password en login.php\"}]",
      "id": "CVE-2010-1521",
      "lastModified": "2024-11-21T01:14:37.170",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2010-06-30T18:30:01.457",
      "references": "[{\"url\": \"http://osvdb.org/65847\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://secunia.com/advisories/40025\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/secunia_research/2010-79/\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/512077/100/0/threaded\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.securityfocus.com/bid/41218\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.taskfreak.com/original/versions\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://osvdb.org/65847\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/40025\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/secunia_research/2010-79/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/512077/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/41218\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.taskfreak.com/original/versions\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-1521\",\"sourceIdentifier\":\"PSIRT-CNA@flexerasoftware.com\",\"published\":\"2010-06-30T18:30:01.457\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidades de inyecci\u00f3n SQL en include/classes/tzn_user.php en TaskFreak! Original multiusuario anterior a v0.6.4 permite a atacantes remotos ejecutar comandos SQL arbitrarios mediante el par\u00e1metro password en login.php\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.6.3\",\"matchCriteriaId\":\"DBD16390-3175-4C4E-AC14-D91C79039DA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74916DB4-F9CA-4F78-B5A2-4530A1D73BF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3781C274-BC6C-46F5-A979-80EAFD8987DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"149B6905-52E4-4BE6-AB01-3E59B0A73DA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A8FBA7-9263-4552-AD4A-448168EDE32E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B9406CC-9A11-4D15-B1F2-1DE37C5B4E76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEB490CD-F78D-4F96-87B5-76867BF08255\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28A37BFB-42C7-48F9-A228-E6B4F81812EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5236352-5D37-448C-83E7-AF82EA76BD7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88C2E85E-84B3-4A84-A52C-8BD3902BF23D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DF2DF24-A42C-4957-860D-8A0EF399CC6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"374983C0-7EF9-4FBA-93DC-2F3E4581E4A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C85E71E8-DFA7-470E-A670-1C41EEC3D597\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24F85B2D-E51C-4A3B-8DB8-3BE86772A38F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62C122D9-4B85-4059-A738-B967045D4D95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE1C0AED-B6C8-4DE4-8264-555A44A26AC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92D7514F-9AE9-47E4-8CC6-953F826FBF2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"621B4E9A-C52F-4EBF-90F0-A886A0F630D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A49163CC-9887-4536-A219-CBE36B5D4203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB88A669-1CB6-4D75-B7F5-6A34BAA01265\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C67D40D-460F-43A1-B59B-E5C4A52E76FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"153CBC88-E83E-48B6-9971-A5710770C597\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"895D354C-6983-45FB-AD8F-33974DB0D277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADF3DBF5-F5D2-4348-8938-695B32C1DF26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taskfreak:taskfreak\\\\!:0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DAB3243-5A9C-4594-91E7-31CA2885CB0E\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/65847\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://secunia.com/advisories/40025\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2010-79/\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/512077/100/0/threaded\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securityfocus.com/bid/41218\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.taskfreak.com/original/versions\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://osvdb.org/65847\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2010-79/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/512077/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/41218\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.taskfreak.com/original/versions\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}

GHSA-W95F-C925-PWX7

Vulnerability from github – Published: 2022-05-14 02:45 – Updated: 2025-04-11 03:36

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-1521"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-06-30T18:30:00Z",
    "severity": "HIGH"
  },
  "details": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.",
  "id": "GHSA-w95f-c925-pwx7",
  "modified": "2025-04-11T03:36:46Z",
  "published": "2022-05-14T02:45:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1521"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/65847"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40025"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2010-79"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/41218"
    },
    {
      "type": "WEB",
      "url": "http://www.taskfreak.com/original/versions"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2010-1521

Vulnerability from fkie_nvd - Published: 2010-06-30 18:30 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://osvdb.org/65847
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/40025	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2010-79/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/512077/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/41218
PSIRT-CNA@flexerasoftware.com	http://www.taskfreak.com/original/versions	Patch
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/65847
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40025	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2010-79/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/512077/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/41218
af854a3a-2127-422b-91ae-364da2661108	http://www.taskfreak.com/original/versions	Patch

Impacted products

Vendor	Product	Version
taskfreak	taskfreak\!	*
taskfreak	taskfreak\!	0.1
taskfreak	taskfreak\!	0.1.2
taskfreak	taskfreak\!	0.1.3
taskfreak	taskfreak\!	0.1.4
taskfreak	taskfreak\!	0.2.0
taskfreak	taskfreak\!	0.2.1
taskfreak	taskfreak\!	0.2.2
taskfreak	taskfreak\!	0.3.0
taskfreak	taskfreak\!	0.3.1
taskfreak	taskfreak\!	0.3.2
taskfreak	taskfreak\!	0.4.0
taskfreak	taskfreak\!	0.4.1
taskfreak	taskfreak\!	0.4.2
taskfreak	taskfreak\!	0.5.0
taskfreak	taskfreak\!	0.5.1
taskfreak	taskfreak\!	0.5.2
taskfreak	taskfreak\!	0.5.3
taskfreak	taskfreak\!	0.5.4
taskfreak	taskfreak\!	0.5.5
taskfreak	taskfreak\!	0.5.6
taskfreak	taskfreak\!	0.5.7
taskfreak	taskfreak\!	0.6.0
taskfreak	taskfreak\!	0.6.1
taskfreak	taskfreak\!	0.6.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBD16390-3175-4C4E-AC14-D91C79039DA0",
              "versionEndIncluding": "0.6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74916DB4-F9CA-4F78-B5A2-4530A1D73BF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3781C274-BC6C-46F5-A979-80EAFD8987DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "149B6905-52E4-4BE6-AB01-3E59B0A73DA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A8FBA7-9263-4552-AD4A-448168EDE32E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B9406CC-9A11-4D15-B1F2-1DE37C5B4E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEB490CD-F78D-4F96-87B5-76867BF08255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A37BFB-42C7-48F9-A228-E6B4F81812EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5236352-5D37-448C-83E7-AF82EA76BD7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "88C2E85E-84B3-4A84-A52C-8BD3902BF23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DF2DF24-A42C-4957-860D-8A0EF399CC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "374983C0-7EF9-4FBA-93DC-2F3E4581E4A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C85E71E8-DFA7-470E-A670-1C41EEC3D597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "24F85B2D-E51C-4A3B-8DB8-3BE86772A38F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62C122D9-4B85-4059-A738-B967045D4D95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C0AED-B6C8-4DE4-8264-555A44A26AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92D7514F-9AE9-47E4-8CC6-953F826FBF2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "621B4E9A-C52F-4EBF-90F0-A886A0F630D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49163CC-9887-4536-A219-CBE36B5D4203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB88A669-1CB6-4D75-B7F5-6A34BAA01265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C67D40D-460F-43A1-B59B-E5C4A52E76FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "153CBC88-E83E-48B6-9971-A5710770C597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "895D354C-6983-45FB-AD8F-33974DB0D277",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADF3DBF5-F5D2-4348-8938-695B32C1DF26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DAB3243-5A9C-4594-91E7-31CA2885CB0E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidades de inyecci\u00f3n SQL en include/classes/tzn_user.php en TaskFreak! Original multiusuario anterior a v0.6.4 permite a atacantes remotos ejecutar comandos SQL arbitrarios mediante el par\u00e1metro password en login.php"
    }
  ],
  "id": "CVE-2010-1521",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-06-30T18:30:01.457",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://osvdb.org/65847"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40025"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2010-79/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/41218"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.taskfreak.com/original/versions"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/65847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2010-79/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/41218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.taskfreak.com/original/versions"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2010-1521

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-1521

Aliases

CVE-2010-1521

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-1521",
    "description": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.",
    "id": "GSD-2010-1521"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-1521"
      ],
      "details": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.",
      "id": "GSD-2010-1521",
      "modified": "2023-12-13T01:21:32.683575Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
        "ID": "CVE-2010-1521",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "40025",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/40025"
          },
          {
            "name": "http://www.taskfreak.com/original/versions",
            "refsource": "CONFIRM",
            "url": "http://www.taskfreak.com/original/versions"
          },
          {
            "name": "http://secunia.com/secunia_research/2010-79/",
            "refsource": "MISC",
            "url": "http://secunia.com/secunia_research/2010-79/"
          },
          {
            "name": "20100629 Secunia Research: TaskFreak \"password\" SQL Injection Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
          },
          {
            "name": "41218",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/41218"
          },
          {
            "name": "65847",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/65847"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2010-1521"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-89"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40025",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/40025"
            },
            {
              "name": "http://secunia.com/secunia_research/2010-79/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/secunia_research/2010-79/"
            },
            {
              "name": "41218",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/41218"
            },
            {
              "name": "http://www.taskfreak.com/original/versions",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.taskfreak.com/original/versions"
            },
            {
              "name": "65847",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/65847"
            },
            {
              "name": "20100629 Secunia Research: TaskFreak \"password\" SQL Injection Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/512077/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-10T19:57Z",
      "publishedDate": "2010-06-30T18:30Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-1521 (GCVE-0-2010-1521)

GHSA-W95F-C925-PWX7

FKIE_CVE-2010-1521

GSD-2010-1521

Tags

Sightings

Nomenclature