CVE-2010-2826

SQL injection vulnerability in Cisco Wireless Control System (WCS) 6.0.x before 6.0.196.0 allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019.

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	HIGH
CVSS	9.0
EPSS	0.33% EPSS medium
CWE	CWE-89
KEV
Published	15 years ago
Modified	3 weeks ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Wireless Control System (WCS) Software	cisco-sa-20100811-wcs	structured affected CSAF product_status