HIGH🇵🇱 Wersja polska

CVE-2010-4284

CVSS 7.5v2.0pub. 2011-05-09upd. 2026-04-29

SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Samsung Data Management Server

    APP
    Samsung
    1.3.31.4.1≤ 1.4.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2025-53078HIGH8.0ten sam produkt

Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary...

CVE-2025-53080HIGH7.1ten sam produkt

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management ...

CVE-2025-53077MEDIUM6.5ten sam produkt

An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functio...

CVE-2025-53079MEDIUM4.9ten sam produkt

Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) t...

CVE-2025-53081MEDIUM6.4ten sam produkt

An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files...