VYPR
Unrated severityNVD Advisory· Published Sep 14, 2011· Updated Jun 16, 2026

CVE-2010-4834

CVE-2010-4834

Description

Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter in a saved_search action and (2) item_types parameter in a show_item_search action in the search_management_manage subcontroller. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Oneorzero/Aims3 versions
    cpe:2.3:a:oneorzero:aims:2.6.0:*:members:*:*:*:*:*+ 2 more
    • cpe:2.3:a:oneorzero:aims:2.6.0:*:members:*:*:*:*:*
    • cpe:2.3:a:oneorzero:aims:2.7.0:*:trial:*:*:*:*:*
    • (no CPE)range: <= 2.7.0 Trial Edition (and 2.6.0 Members Edition)

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.