CyberSec.Space Logo
Back to CVE Browser

CVE-2010-0631

HIGH
7.5
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile35.74th
PublishedFeb 12, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.

Affected Platforms (CPE)

πŸ“¦
Eicrasoft

Eicra Car Rental Script

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/38389
πŸ”— http://www.exploit-db.com/exploits/11323
πŸ”— http://secunia.com/advisories/38389
πŸ”— http://www.exploit-db.com/exploits/11323

Related Vulnerabilities

CVE-2010-036110.0

Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows ...

CVE-2010-035810.0

Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers to cause a denial of service (d...

CVE-2010-044410.0

HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op account, which allows remote att...

CVE-2010-035910.0

Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon ...