Home > Vulnerability Database > CVE-2013-10019

Mend.io Vulnerability Database

CVE-2013-10019

Date: February 20, 2023

A vulnerability was found in OCLC-Research OAICat 1.5.61. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.5.62 is able to address this issue. The identifier of the patch is 6cc65501869fa663bcd24a70b63f41f5cfe6b3e1. It is recommended to upgrade the affected component. The identifier VDB-221489 was assigned to this vulnerability.

Language: Java

Severity Score

6.3

Related Resources (7)

Url: https://code.google.com/archive/p/oaicat/issues/7

Url: https://vuldb.com/?id.221489

Url: https://oaicat.googlecode.com/files/oaicat-1.5.62.tar.gz

Url: https://vuldb.com/?ctiid.221489

Url: https://nvd.nist.gov/vuln/detail/CVE-2013-10019

Url: https://github.com/OCLC-Research/oaicat/commit/6cc65501869fa663bcd24a70b63f41f5cfe6b3e1

Url: https://www.mend.io/vulnerability-database/CVE-2013-10019

Severity Score

6.3

Weakness Type (CWE)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-89

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	6.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2013-10019

Date: February 20, 2023

Language: Java

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?