CVE-2015-10068

CVSS V2 None CVSS V3 None

Description

A vulnerability classified as critical was found in danynab movify-j. This vulnerability affects the function getByMovieId of the file app/business/impl/ReviewServiceImpl.java. The manipulation of the argument movieId/username leads to sql injection. The name of the patch is c3085e01936a4d7eff1eda3093f25d56cc4d2ec5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218476.

Overview

CVE ID
CVE-2015-10068

Assigner
cna@vuldb.com

Vulnerability Status
Analyzed

Published Version
2023-01-18T08:15:09

Last Modified Date
2023-01-25T16:57:55

Weakness Enumerations

CWE	URL
CWE-89	http://cwe.mitre.org/data/definitions/89.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:movify-j_project:movify-j::::::::	1	OR		2015-03-14

References

Reference URL	Reference Tags
https://github.com/danynab/movify-j/commit/c3085e01936a4d7eff1eda3093f25d56cc4d2ec5
https://vuldb.com/?ctiid.218476
https://vuldb.com/?id.218476

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2015-10068
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-10068

History

Created	Old Value	New Value	Data Type	Notes
2023-01-18 09:14:43				Added to TrackCVE
2023-01-18 09:14:43			Weakness Enumeration	new
2023-01-18 14:15:43		2023-01-18T13:54:48	CVE Modified Date	updated
2023-01-18 14:15:43	Received	Awaiting Analysis	Vulnerability Status	updated
2023-01-18 14:15:46			CVSS V3 information	new
2023-01-18 14:15:46			CVSS V2 information	new
2023-01-25 13:13:35	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-01-25 13:13:37			CVSS V3 information	new
2023-01-25 13:13:37			CVSS V2 information	new
2023-01-25 17:14:36		2023-01-25T16:57:55	CVE Modified Date	updated
2023-01-25 17:14:36	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-01-25 17:14:39			CPE Information	updated
2023-01-25 17:14:39			CVSS V3 information	new
2023-01-25 17:14:39			CVSS V2 information	new