CVE-2015-10034

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2015-10034
A vulnerability has been found in j-nowak workout-organizer and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. The patch is identified as 13cd6c3d1210640bfdb39872b2bb3597aa991279. It is recommended to apply a patch to fix this issue. VDB-217714 is the identifier assigned to this vulnerability.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

5.2 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 5.1 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://github.com/j-nowak/workout-organizer/commit/13cd6c3d1210640bfdb39872b2bb3597aa991279 Patch Third Party Advisory
https://vuldb.com/?ctiid.217714 Third Party Advisory
https://vuldb.com/?id.217714 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:workout-organizer_project:workout-organizer:*:*:*:*:*:*:*:*
History

11 Apr 2024, 00:53

Type Values Removed Values Added
Summary
  • (es) Se ha encontrado una vulnerabilidad en j-nowak fitness-organizer y ha sido clasificada como crítica. Esta vulnerabilidad afecta a código desconocido. La manipulación conduce a la inyección SQL. El parche se identifica como 13cd6c3d1210640bfdb39872b2bb3597aa991279. Se recomienda aplicar un parche para solucionar este problema. VDB-217714 es el identificador asignado a esta vulnerabilidad.

07 Nov 2023, 02:23

Type Values Removed Values Added
CWE CWE-89

20 Oct 2023, 09:15

Type Values Removed Values Added
Summary A vulnerability has been found in j-nowak workout-organizer and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. The name of the patch is 13cd6c3d1210640bfdb39872b2bb3597aa991279. It is recommended to apply a patch to fix this issue. VDB-217714 is the identifier assigned to this vulnerability. A vulnerability has been found in j-nowak workout-organizer and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. The patch is identified as 13cd6c3d1210640bfdb39872b2bb3597aa991279. It is recommended to apply a patch to fix this issue. VDB-217714 is the identifier assigned to this vulnerability.
CWE CWE-89
Information

Published : 2023-01-09 21:15

Updated : 2024-05-17 01:03

NVD link : CVE-2015-10034

Mitre link : CVE-2015-10034

CVE.ORG link : CVE-2015-10034

JSON object : View

Products Affected

workout-organizer_project

  • workout-organizer
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024