CVE-2010-5023

SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
cramerdevdigital_interchange_calendar
5.8.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.org/1006-exploits/digitalinterchange-sql.txt
http://securityreason.com/securityalert/8513
http://www.exploit-db.com/exploits/13860
http://www.securityfocus.com/bid/40829
http://www.vupen.com/english/advisories/2010/1464
https://exchange.xforce.ibmcloud.com/vulnerabilities/59425
http://packetstormsecurity.org/1006-exploits/digitalinterchange-sql.txt
http://securityreason.com/securityalert/8513
http://www.exploit-db.com/exploits/13860
http://www.securityfocus.com/bid/40829
http://www.vupen.com/english/advisories/2010/1464
https://exchange.xforce.ibmcloud.com/vulnerabilities/59425