CVE-2010-0400

CVSS 7.5 - HIGH

Description

SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username.

Affected Products

1

Vendor	Product	Version
mahara	mahara	`1.0.4`

References

http://security.debian.org/pool/updates/main/m/mah...

http://www.debian.org/security/2010/dsa-2030

http://www.securityfocus.com/bid/39253

http://security.debian.org/pool/updates/main/m/mah...

http://www.debian.org/security/2010/dsa-2030

http://www.securityfocus.com/bid/39253

Weakness Types

CWE-89

CVE Information

CVE ID:: CVE-2010-0400
Published:: 2010-04-07
Modified:: 2026-04-29
CVSS Score:: 7.5
Severity:: HIGH
Vector:: AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Vendors

mahara

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL