Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-1848

EPSS 0.06% · P18
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-1848

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MySQL COM_FIELD_LIST命令绕过权限检查漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 MySQL在处理COM_FIELD_LIST命令的表格名称参数时没有正确的执行权限检查,对一个表格拥有DELETE或SELECT权限的认证用户可以读取或删除其他表格的内容。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-1848

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-1848

Please Login to view more intelligence information

Same Patch Batch · n/a · 2010-06-07 · 23 CVEs total

CVE-2010-2158Speedtech Storm模块多个跨站脚本攻击漏洞
CVE-2010-2191PHP多个缓冲区溢出漏洞
CVE-2010-2190PHP多个函数信息泄露漏洞
CVE-2010-2159Dameng达梦数据库SP_DEL_BAK_EXPIRED过程内存破坏漏洞
CVE-2010-2060Beanstalkd 安全漏洞
CVE-2010-1850MySQL COM_FIELD_LIST命令远程溢出漏洞
CVE-2010-1849MySQL畸形报文处理远程拒绝服务漏洞
CVE-2010-1649Joomla!多个跨站脚本攻击漏洞
CVE-2010-1648MediaWiki login接口跨站请求伪造漏洞
CVE-2010-1647MediaWiki跨站脚本攻击漏洞
CVE-2010-1636Linux Kernel Btrfs实现创建不安全克隆文件漏洞
CVE-2010-2053emesene 'emesenelib/ProfileManager.py'后置链接漏洞
CVE-2010-2157CA ARCserve Backup未明漏洞
CVE-2010-2024Exim 'transports/appendfile.c'任意文件创建漏洞
CVE-2010-2023Exim 'transports/appendfile.c'拒绝服务漏洞
CVE-2010-1963HP ServiceCenter 未明跨站脚本攻击漏洞
CVE-2010-1962HP StorageWorks Storage Mirroring 未明未授权访问漏洞
CVE-2010-1904Emc RSA Key Manager客户端Metadata数据SQL注入漏洞
CVE-2010-1646Sudo 'env.c'权限许可和访问控制漏洞
CVE-2010-1439Red Hat Client Tools不安全loginAuth.pkl文件权限漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-1848

No comments yet

Leave a comment