← Zuruck zu CVEs
CVE-2010-1327
N/ABeschreibung
Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where parameter in a delivery_courier action to control/abm_list.php3.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht7/6/2010
Zuletzt geandert4/29/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
tornadostore:tornadostore
Schwachen (CWE)
CWE-89
Referenzen
http://www.bonsai-sec.com/en/research/vulnerabilities/tornadostore-multiple-sql-injection-0106.php(cve@mitre.org)
http://www.securityfocus.com/bid/41233(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59950(cve@mitre.org)
http://www.bonsai-sec.com/en/research/vulnerabilities/tornadostore-multiple-sql-injection-0106.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/41233(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59950(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.