VYPR
Unrated severityNVD Advisory· Published May 24, 2010· Updated Jun 16, 2026

CVE-2010-2015

CVE-2010-2015

Description

Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:createch-group:lisk_cms:4.4:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:createch-group:lisk_cms:4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:createch-group:lisk_cms:4.4:-:corporate:*:*:*:*:*
    • cpe:2.3:a:createch-group:lisk_cms:4.4:-:custom:*:*:*:*:*
    • cpe:2.3:a:createch-group:lisk_cms:4.4:-:e-commerce:*:*:*:*:*
    • cpe:2.3:a:createch-group:lisk_cms:4.4:-:extranet\/intranet:*:*:*:*:*
    • cpe:2.3:a:createch-group:lisk_cms:4.4:-:portal\/community:*:*:*:*:*
  • LiSK/LiSK CMSllm-create
    Range: =4.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.