Back to search
CVE-2010-0614
Published: Feb 11, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
62177
vdb-entry
x_refsource_OSVDB
38478
third-party-advisory
x_refsource_SECUNIA
38116
vdb-entry
x_refsource_BID
evalsmsi-ajax-sql-injection(56152)
vdb-entry
x_refsource_XF
20100204 CORELAN-10-008 - Multiple vulnerabilities found in evalmsi 2.1.03
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now