{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T16:46:10.847","vulnerabilities":[{"cve":{"id":"CVE-2010-1918","sourceIdentifier":"cve@mitre.org","published":"2010-05-12T11:46:40.377","lastModified":"2026-06-16T23:19:35.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en ask_chat.php de eFront v3.6.2 y anteriores, permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro chatrooms_ID."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:*:*:*:*:*:*:*:*","versionEndIncluding":"3.6.2","matchCriteriaId":"0F066887-2FFE-4B33-BAC2-0E72A148D292"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.1.0:*:*:*:*:*:*:*","matchCriteriaId":"DC4945EB-C2DC-41FB-8B49-8F27D1EBF19E"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.1.2:*:*:*:*:*:*:*","matchCriteriaId":"9648CD63-D34E-4298-8D54-2FF72C257477"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.1.3:*:*:*:*:*:*:*","matchCriteriaId":"E993440A-7730-4540-B6BC-5CFC1636FE0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.1.4:*:*:*:*:*:*:*","matchCriteriaId":"B9A7A13D-A022-49A0-BED7-701D333724B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.0:*:*:*:*:*:*:*","matchCriteriaId":"8802C5D3-64CD-4199-ABBC-F5AEE5AFDE46"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.0:beta1:*:*:*:*:*:*","matchCriteriaId":"BD62DC8C-619B-4B61-AFAC-B7F6AFCBEB79"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.0:beta2:*:*:*:*:*:*","matchCriteriaId":"A230995D-9925-4774-9CFC-4329F756EE36"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.0:beta3:*:*:*:*:*:*","matchCriteriaId":"395AFAEC-9811-4CB8-A105-AB9B9C85DA68"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.0:beta4:*:*:*:*:*:*","matchCriteriaId":"E7699ABE-E6AB-490F-9D1E-34F1EE2467B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.1:*:*:*:*:*:*:*","matchCriteriaId":"964B61AA-BB5B-4B19-8077-0AD5415D4788"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.2:*:*:*:*:*:*:*","matchCriteriaId":"AD265DFA-0072-48E5-86EE-079060723C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.3:*:*:*:*:*:*:*","matchCriteriaId":"23A6A4AB-1DB7-44D2-8775-0018C926277E"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.4:*:*:*:*:*:*:*","matchCriteriaId":"6FCA0E12-672C-45B0-87A2-CE76A97F182F"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.5.5:*:*:*:*:*:*:*","matchCriteriaId":"25674C08-9CD4-4B79-AC21-11107B71D4C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.6:*:*:*:*:*:*:*","matchCriteriaId":"26E22BEE-F7BA-4795-BD8F-EF3FD66F6338"},{"vulnerable":true,"criteria":"cpe:2.3:a:efrontlearning:efront:3.6.1:*:*:*:*:*:*:*","matchCriteriaId":"188BA3F0-FDB5-4928-9A0A-6188A77446CB"}]}]}],"references":[{"url":"http://osvdb.org/64506","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://packetstormsecurity.org/1005-exploits/MOPS-2010-018.pdf","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/39728","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.php-security.org/2010/05/09/mops-2010-018-efront-ask_chat-chatrooms_id-sql-injection-vulnerability/index.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.securityfocus.com/bid/40032","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.vupen.com/english/advisories/2010/1101","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://osvdb.org/64506","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://packetstormsecurity.org/1005-exploits/MOPS-2010-018.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/39728","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.php-security.org/2010/05/09/mops-2010-018-efront-ask_chat-chatrooms_id-sql-injection-vulnerability/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.securityfocus.com/bid/40032","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.vupen.com/english/advisories/2010/1101","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}