VDB-218374 · CVE-2015-10050 · GCVE-100-218374

brandonfire miRNA_Database_by_PHP_MySql inc/model.php __construct/select_single_rna/count_rna SQL ଇଞ୍ଜେକ୍ସନ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame brandonfire miRNA_Database_by_PHP_MySql keessatti argameera. Miidhaan irra gahe is hojii __construct/select_single_rna/count_rna faayilii inc/model.php keessa. Dhugumatti jijjiirraa gara SQL ଇଞ୍ଜେକ୍ସନ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-89 si geessa. Beekumsi kun yeroo 01/14/2023 ifoomsifameera akka 307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2015-10050 jedhuun tajaajilama. Weerara kana milkeessuuf, qunnamtii networkii naannoo barbaachisa. Odeeffannoon teeknikaa ni argama. Meeshaa balaa kana fayyadamuuf hin argamne. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ଅପରିଭାଷିତ jedhamee murtaa’eera. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Maqa-balleessaa paachii 307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a jedhama. Sirreeffamni dogoggoraa github.com irraa buufachuuf jira. Rakkoo kana furuuf paachii fe'uun ni gorfama. Once again VulDB remains the best source for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 73 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 01/14/2023 06:12 PM	ଅଦ୍ୟତନ 1/2 02/07/2023 02:39 PM	ଅଦ୍ୟତନ 2/2 02/07/2023 02:40 PM
software_vendor	brandonfire	brandonfire	brandonfire
software_name	miRNA_Database_by_PHP_MySql	miRNA_Database_by_PHP_MySql	miRNA_Database_by_PHP_MySql
software_file	inc/model.php	inc/model.php	inc/model.php
software_function	__construct/select_single_rna/count_rna	__construct/select_single_rna/count_rna	__construct/select_single_rna/count_rna
vulnerability_cwe	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk	2	2	2
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
advisory_identifier	307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a
advisory_url	https://github.com/brandonfire/miRNA_Database_by_PHP_MySql/commit/307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	https://github.com/brandonfire/miRNA_Database_by_PHP_MySql/commit/307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	https://github.com/brandonfire/miRNA_Database_by_PHP_MySql/commit/307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a
countermeasure_name	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍
patch_name	307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a
countermeasure_patch_url	https://github.com/brandonfire/miRNA_Database_by_PHP_MySql/commit/307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	https://github.com/brandonfire/miRNA_Database_by_PHP_MySql/commit/307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a	https://github.com/brandonfire/miRNA_Database_by_PHP_MySql/commit/307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a
countermeasure_advisoryquote	prevent sql injection	prevent sql injection	prevent sql injection
source_cve	CVE-2015-10050	CVE-2015-10050	CVE-2015-10050
cna_responsible	VulDB	VulDB	VulDB
cvss2_vuldb_basescore	5.2	5.2	5.2
cvss2_vuldb_tempscore	4.5	4.5	4.5
cvss3_vuldb_basescore	5.5	5.5	5.5
cvss3_vuldb_tempscore	5.3	5.3	5.3
cvss3_meta_basescore	5.5	5.5	6.9
cvss3_meta_tempscore	5.3	5.3	6.9
price_0day	$0-$5k	$0-$5k	$0-$5k
advisory_date	1673650800 (01/14/2023)	1673650800 (01/14/2023)	1673650800 (01/14/2023)
software_type	Database Software	Database Software	Database Software
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_av	A	A	A
cvss2_vuldb_au	S	S	S
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_av	A	A	A
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_e	X	X	X
cve_assigned		1673650800 (01/14/2023)	1673650800 (01/14/2023)
cve_nvd_summary		A vulnerability was found in brandonfire miRNA_Database_by_PHP_MySql. It has been declared as critical. This vulnerability affects the function __construct/select_single_rna/count_rna of the file inc/model.php. The manipulation leads to sql injection. The name of the patch is 307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a. It is recommended to apply a patch to fix this issue. VDB-218374 is the identifier assigned to this vulnerability.	A vulnerability was found in brandonfire miRNA_Database_by_PHP_MySql. It has been declared as critical. This vulnerability affects the function __construct/select_single_rna/count_rna of the file inc/model.php. The manipulation leads to sql injection. The name of the patch is 307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a. It is recommended to apply a patch to fix this issue. VDB-218374 is the identifier assigned to this vulnerability.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss2_nvd_av			A
cvss2_nvd_ac			L
cvss2_nvd_au			S
cvss2_nvd_ci			P
cvss2_nvd_ii			P
cvss2_nvd_ai			P
cvss3_cna_av			A
cvss3_cna_ac			L
cvss3_cna_pr			L
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss2_nvd_basescore			5.2
cvss3_nvd_basescore			9.8
cvss3_cna_basescore			5.5

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!