{"api_version":"1","generated_at":"2026-04-24T14:06:21+00:00","cve":"CVE-2010-0458","urls":{"html":"https://cve.report/CVE-2010-0458","api":"https://cve.report/api/cve/CVE-2010-0458.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2010-0458","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2010-0458"},"summary":{"title":"CVE-2010-0458","description":"Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2010-01-28 20:30:00","updated_at":"2017-08-17 01:32:00"},"problem_types":["CWE-89"],"metrics":[],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55862","name":"blogsystem-blog-sql-injection(55862)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.exploit-db.com/exploits/11216","name":"11216","refsource":"EXPLOIT-DB","tags":["Exploit"],"title":"Blog System 1.x (note) SQL Injection Vuln","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.org/0512-exploits/blog12SQL.txt","name":"http://packetstormsecurity.org/0512-exploits/blog12SQL.txt","refsource":"MISC","tags":["Exploit"],"title":"Files ≈ Packet Storm","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/37911","name":"37911","refsource":"BID","tags":[],"title":"NetArt Media Blog System 'blog.php' SQL Injection Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55818","name":"blogsystem-index-sql-injection(55818)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2010-0458","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0458","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2010","cve_id":"458","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netartmedia","cpe5":"blog_system","cpe6":"1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"458","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netartmedia","cpe5":"blog_system","cpe6":"1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2010-0458","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"11216","refsource":"EXPLOIT-DB","url":"http://www.exploit-db.com/exploits/11216"},{"name":"http://packetstormsecurity.org/0512-exploits/blog12SQL.txt","refsource":"MISC","url":"http://packetstormsecurity.org/0512-exploits/blog12SQL.txt"},{"name":"blogsystem-blog-sql-injection(55862)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55862"},{"name":"blogsystem-index-sql-injection(55818)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55818"},{"name":"37911","refsource":"BID","url":"http://www.securityfocus.com/bid/37911"}]}},"nvd":{"publishedDate":"2010-01-28 20:30:00","lastModifiedDate":"2017-08-17 01:32:00","problem_types":["CWE-89"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netartmedia:blog_system:1.5:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2010","CveId":"458","Ordinal":"42313","Title":"CVE-2010-0458","CVE":"CVE-2010-0458","Year":"2010"},"notes":[{"CveYear":"2010","CveId":"458","Ordinal":"1","NoteData":"Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php.","Type":"Description","Title":null},{"CveYear":"2010","CveId":"458","Ordinal":"2","NoteData":"2010-01-28","Type":"Other","Title":"Published"},{"CveYear":"2010","CveId":"458","Ordinal":"3","NoteData":"2017-08-16","Type":"Other","Title":"Modified"}]}}}