CVE-2015-10063

CVSS V2 None CVSS V3 None
Description
A vulnerability was found in saemorris TheRadSystem and classified as critical. This issue affects the function redirect of the file _login.php. The manipulation of the argument user/pass leads to sql injection. The attack may be initiated remotely. The name of the patch is bfba26bd34af31648a11af35a0bb66f1948752a6. It is recommended to apply a patch to fix this issue. The identifier VDB-218453 was assigned to this vulnerability.
Overview
  • CVE ID
  • CVE-2015-10063
  • Assigner
  • cna@vuldb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-17T19:15:11
  • Last Modified Date
  • 2023-01-23T19:31:55
Weakness Enumerations
CWE URL
CWE-89 http://cwe.mitre.org/data/definitions/89.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:theradsystem_project:theradsystem:*:*:*:*:*:*:*:* 1 OR 2015-04-03
References
Reference URL Reference Tags
https://github.com/saemorris/TheRadSystem/commit/bfba26bd34af31648a11af35a0bb66f1948752a6
https://vuldb.com/?ctiid.218453
https://vuldb.com/?id.218453
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2015-10063
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-10063
History
Created Old Value New Value Data Type Notes
2023-01-17 19:15:28 Added to TrackCVE
2023-01-17 19:15:29 Weakness Enumeration new
2023-01-17 23:14:24 2023-01-17T23:01:04 CVE Modified Date updated
2023-01-17 23:14:24 Received Awaiting Analysis Vulnerability Status updated
2023-01-17 23:14:27 CVSS V3 information new
2023-01-17 23:14:27 CVSS V2 information new
2023-01-23 19:14:07 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-23 19:14:11 CVSS V3 information new
2023-01-23 19:14:11 CVSS V2 information new
2023-01-23 21:13:19 2023-01-23T19:31:55 CVE Modified Date updated
2023-01-23 21:13:19 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-23 21:13:22 CPE Information updated
2023-01-23 21:13:22 CVSS V3 information new
2023-01-23 21:13:22 CVSS V2 information new