CVE-2015-10016 MEDIUM

CVE-2015-10016: jeff-kelley opensim-utils regionscrits.php DatabaseForRegion sql injection

Vendor Jeff-Kelley

Product opensim-utils

Weakness CWE-89 · SQLi

Published January 6, 2023

Last update November 25, 2024

View on NVD All CVEs

CVSS base score

5.5/10

Attack vector Adjacent

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability, which was classified as critical, has been found in jeff-kelley opensim-utils. Affected by this issue is the function DatabaseForRegion of the file regionscrits.php. The manipulation of the argument region leads to sql injection. The patch is identified as c29e5c729a833a29dbf5b1e505a0553fe154575e. It is recommended to apply a patch to fix this issue. VDB-217550 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

January 6, 2023 CVE published

November 25, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2015-10016

Related vulnerabilities

CVE-2015-10016: jeff-kelley opensim-utils regionscrits.php DatabaseForRegion sql injection

01Description

02Disclosure timeline

03References

04Related CVE