ByteOS Network

NVD Vulnerability Details :

CVE-2010-4822

Modified

Source-secalert@redhat.com

Published At-17 Sep, 2012 | 17:55

Updated At-29 Apr, 2026 | 01:13

core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:P/I:N/A:N

CPE Matches

Silverstripe

>>silverstripe>>2.4.0

cpe:2.3:a:silverstripe:silverstripe:2.4.0:*:*:*:*:*:*:*

Silverstripe

>>silverstripe>>2.4.1

cpe:2.3:a:silverstripe:silverstripe:2.4.1:*:*:*:*:*:*:*

Silverstripe

>>silverstripe>>2.4.2

cpe:2.3:a:silverstripe:silverstripe:2.4.2:*:*:*:*:*:*:*

Silverstripe

>>silverstripe>>2.4.3

cpe:2.3:a:silverstripe:silverstripe:2.4.3:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-200	Primary	nvd@nist.gov

CWE ID: CWE-200

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4	secalert@redhat.com	Vendor Advisory
http://open.silverstripe.org/changeset/114783	secalert@redhat.com	Exploit Patch
http://secunia.com/advisories/42346	secalert@redhat.com	Vendor Advisory
http://www.openwall.com/lists/oss-security/2011/01/03/12	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2012/04/30/1	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2012/04/30/3	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2012/05/01/3	secalert@redhat.com	N/A
http://www.osvdb.org/69885	secalert@redhat.com	N/A
http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://open.silverstripe.org/changeset/114783	af854a3a-2127-422b-91ae-364da2661108	Exploit Patch
http://secunia.com/advisories/42346	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.openwall.com/lists/oss-security/2011/01/03/12	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2012/04/30/1	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2012/04/30/3	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2012/05/01/3	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.osvdb.org/69885	af854a3a-2127-422b-91ae-364da2661108	N/A