CVE-2010-2339

N/A Unknown

Published: June 18, 2010 Modified: April 29, 2026

Description

SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://packetstormsecurity.org/1006-advisories/major_rls73.txt

Source: cve@mitre.org

http://www.majorsecurity.net/subdreamer_cms_sql_injection.php

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/511818

Source: cve@mitre.org

http://www.securityfocus.com/bid/40849

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2010/1476

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/59441

Source: cve@mitre.org

http://packetstormsecurity.org/1006-advisories/major_rls73.txt