CVE-2010-2672
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-2672
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
eZ Publish 多个SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
eZ Systems Publish是挪威eZ Systems公司的一套开源的PHP内容管理系统和开发框架(CMS/CMF)。该系统提供可自由定制和可扩展的内容模型,适用于新闻发布、电子商务(B2B与B2C)、门户与社区网站。 eZ Publish 3.7.0 版本到 4.2.0版本中存在多个SQL注入漏洞。远程攻击者可以借助搜索功能的(1) SectionID 和 (2) SearchTimestamp参数,高级搜索功能的(3) SearchContentClassAttributeID参数执行任意的S
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-2672
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-2672
Please Login to view more intelligence information
- http://ez.no/de/content/download/321166/3192253/version/1/file/16398.diffx_refsource_CONFIRM
- http://ez.no/de/content/download/321165/3192248/version/1/file/16397.diffx_refsource_CONFIRM
- http://www.siberas.de/advisories/advisories_2010.htmlx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2010-2672
Same Patch Batch · n/a · 2010-07-08 · 15 CVEs total
| CVE-2010-2668 | Adaptivedisplays ALPHA Ethernet Adapter II Web-Manager未明安全绕过漏洞 | |
| CVE-2010-2669 | Novo-Ws Orbis CMS 'admin/editors/text/editor-body.php'跨站脚本攻击漏洞 | |
| CVE-2010-2670 | BrotherScripts Recipe Website 'recipedetail.php'SQL注入漏洞 | |
| CVE-2010-2671 | eZ Publish 跨站脚本攻击漏洞 | |
| CVE-2010-2673 | Devana 'profile_view.php'SQL注入漏洞 | |
| CVE-2010-2674 | Alanzard TSOKA:CMS 'index.php'SQL注入漏洞 | |
| CVE-2010-2675 | Alanzard TSOKA:CMS 'index.php'跨站脚本攻击漏洞 | |
| CVE-2010-2676 | Open Web Analytics 'index.php'多个目录遍历漏洞 | |
| CVE-2010-2677 | Open Web Analytics 'mw_plugin.php' PHP远程文件包含漏洞 | |
| CVE-2010-2678 | Joomla!组件xmap SQL注入漏洞 | |
| CVE-2010-2679 | Joomla!组件Weblinks SQL注入漏洞 | |
| CVE-2010-1574 | Cisco Industrial Ethernet 3000系列交换机硬编码SNMP团体名漏洞 | |
| CVE-2010-2221 | Open-iSCSI targetcli-fb 缓冲区错误漏洞 | |
| CVE-2010-2494 | Bogofilter Base64编码"="字符堆内存破坏漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han
V. Comments for CVE-2010-2672
No comments yet