SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
AV:N/AC:L/Au:N/C:P/I:P/A:P
Vendors | Products |
---|---|
Ifdefined |
|
Configuration 1 [-]
|
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-08-31T19:25:00
Updated: 2018-10-10T18:57:01
Reserved: 2010-08-31T00:00:00
Link: CVE-2010-3188
JSON object: View
NVD Information
Status : Modified
Published: 2010-08-31T20:00:01.687
Modified: 2018-10-10T20:01:23.833
Link: CVE-2010-3188
JSON object: View
Redhat Information
No data.
CWE