CVE-2010-0471
Severity CVSS v4.0:
Pending analysis
Type:
CWE-89
SQL Injection
Publication date:
02/02/2010
Last modified:
11/04/2025
Description
SQL injection vulnerability in the comment submission interface (includes/comment.php) in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:enanocms:enanocms:*:*:*:*:*:*:*:* | 1.0.6 (including) | |
| cpe:2.3:a:enanocms:enanocms:0.8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:0.8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:0.8.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:0.8.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:0.9.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:0.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:0.9.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:1.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:1.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:1.0.2b1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:1.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:1.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enanocms:enanocms:1.0.5:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page