CVE-2010-4006

Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
wsnlinks
5.1.2
wsnlinks
5.1.3
wsnlinks
5.1.17
wsnlinks
5.1.18
wsnlinks
5.1.19
wsnlinks
5.1.20
wsnlinks
5.1.21
wsnlinks
5.1.22
wsnlinks
5.1.23
wsnlinks
5.1.24
wsnlinks
5.1.25
wsnlinks
5.1.26
wsnlinks
5.1.27
wsnlinks
5.1.28
wsnlinks
5.1.29
wsnlinks
5.1.30
wsnlinks
5.1.31
wsnlinks
5.1.32
wsnlinks
5.1.33
wsnlinks
5.1.34
wsnwsn_links
5.1.0
wsnwsn_links
5.1.1
wsnwsn_links
5.1.4
wsnwsn_links
5.1.5
wsnwsn_links
5.1.6
wsnwsn_links
5.1.7
wsnwsn_links
5.1.8
wsnwsn_links
5.1.9
wsnwsn_links
5.1.10
wsnwsn_links
5.1.11
wsnwsn_links
5.1.12
wsnwsn_links
5.1.13
wsnwsn_links
5.1.14
wsnwsn_links
5.1.15
wsnwsn_links
5.1.16
wsnwsn_links
5.1.35
wsnwsn_links
5.1.36
wsnwsn_links
5.1.37
wsnwsn_links
5.1.38
wsnwsn_links
5.1.39
wsnwsn_links
5.1.40
wsnwsn_links
5.1.41
wsnwsn_links
5.1.42
wsnwsn_links
5.1.43
wsnwsn_links
5.1.44
wsnwsn_links
5.1.45
wsnwsn_links
5.1.46
wsnwsn_links
5.1.47
wsnwsn_links
5.1.48
wsnwsn_links
5.1.49
wsnwsn_links
6.0.0
wsnlinkswsn_links
5.0.0
wsnlinkswsn_links
5.0.1
wsnlinkswsn_links
5.0.2
wsnlinkswsn_links
5.0.3
wsnlinkswsn_links
5.0.4
wsnlinkswsn_links
5.0.5
wsnlinkswsn_links
5.0.6
wsnlinkswsn_links
5.0.7
wsnlinkswsn_links
5.0.8
wsnlinkswsn_links
5.0.9
wsnlinkswsn_links
5.0.10
wsnlinkswsn_links
5.0.11
wsnlinkswsn_links
5.0.12
wsnlinkswsn_links
5.0.13
wsnlinkswsn_links
5.0.14
wsnlinkswsn_links
5.0.15
wsnlinkswsn_links
5.0.16
wsnlinkswsn_links
5.0.17
wsnlinkswsn_links
5.0.18
wsnlinkswsn_links
5.0.19
wsnlinkswsn_links
5.0.20
wsnlinkswsn_links
5.0.21
wsnlinkswsn_links
5.0.22
wsnlinkswsn_links
5.0.23
wsnlinkswsn_links
5.0.24
wsnlinkswsn_links
5.0.25
wsnlinkswsn_links
5.0.26
wsnlinkswsn_links
5.0.27
wsnlinkswsn_links
5.0.28
wsnlinkswsn_links
5.0.29
wsnlinkswsn_links
5.0.30
wsnlinkswsn_links
5.0.31
wsnlinkswsn_links
5.0.32
wsnlinkswsn_links
5.0.33
wsnlinkswsn_links
5.0.34
wsnlinkswsn_links
5.0.35
wsnlinkswsn_links
5.0.36
wsnlinkswsn_links
5.0.37
wsnlinkswsn_links
5.0.38
wsnlinkswsn_links
5.0.39
wsnlinkswsn_links
5.0.40
wsnlinkswsn_links
5.0.41
wsnlinkswsn_links
5.0.42
wsnlinkswsn_links
5.0.43
wsnlinkswsn_links
5.0.44
wsnlinkswsn_links
5.0.45
wsnlinkswsn_links
5.0.46
wsnlinkswsn_links
5.0.47
wsnlinkswsn_links
5.0.48
wsnlinkswsn_links
5.0.49
wsnlinkswsn_links
5.0.50
wsnlinkswsn_links
5.0.51
wsnlinkswsn_links
5.0.52
wsnlinkswsn_links
5.0.53
wsnlinkswsn_links
5.0.54
wsnlinkswsn_links
5.0.55
wsnlinkswsn_links
5.0.56
wsnlinkswsn_links
5.0.57
wsnlinkswsn_links
5.0.58
wsnlinkswsn_links
5.0.59
wsnlinkswsn_links
5.0.60
wsnlinkswsn_links
5.0.61
wsnlinkswsn_links
5.0.62
wsnlinkswsn_links
5.0.63
wsnlinkswsn_links
5.0.64
wsnlinkswsn_links
5.0.65
wsnlinkswsn_links
5.0.66
wsnlinkswsn_links
5.0.67
wsnlinkswsn_links
5.0.68
wsnlinkswsn_links
5.0.69
wsnlinkswsn_links
5.0.70
wsnlinkswsn_links
5.0.71
wsnlinkswsn_links
5.0.72
wsnlinkswsn_links
5.0.73
wsnlinkswsn_links
5.0.74
wsnlinkswsn_links
5.0.75
wsnlinkswsn_links
5.0.76
wsnlinkswsn_links
5.0.77
wsnlinkswsn_links
5.0.78
wsnlinkswsn_links
5.0.79
wsnlinkswsn_links
5.0.80
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0512.html
http://www.exploit-db.com/exploits/15607
http://www.securityfocus.com/archive/1/514585/100/0/threaded
http://www.securityfocus.com/bid/44593
http://www.uncompiled.com/2010/10/wsn-links-sql-injection-vulnerability-cve-2010-4006/
https://exchange.xforce.ibmcloud.com/vulnerabilities/62939
http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0512.html
http://www.exploit-db.com/exploits/15607
http://www.securityfocus.com/archive/1/514585/100/0/threaded
http://www.securityfocus.com/bid/44593
http://www.uncompiled.com/2010/10/wsn-links-sql-injection-vulnerability-cve-2010-4006/
https://exchange.xforce.ibmcloud.com/vulnerabilities/62939