WEB APPLICATION VULNERABILITIES Standard & Premium

XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4641)

Description

SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

Related Vulnerabilities

WordPress Plugin Lazy Load Cross-Site Scripting (0.6)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Request Forgery (2.0.6)

WordPress Plugin WordPress Mobile app Builder-Convert WordPress site to native mobile apps Arbitrary File Upload (1.05)

WebLogic CVE-2021-2136 Vulnerability (CVE-2021-2136)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3412)

Severity

High

Classification

CVE-2010-4641 CWE-138

Tags

Missing Update Known Vulnerabilities