Lucene search
HistoryFeb 25, 2011 - 5:00 p.m.
CVE-2011-1100
cve
sql injection
pixelpost 1.7.3
security vulnerability
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
23.8%
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.
Affected configurations
Node
pixelpostpixelpostMatch1.7.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| pixelpost:pixelpost | pixelpost | eq | 1.7.3 |
Related
cvelist
cvelist
CVE-2011-1100
2011-02-25 16:00:00
zeroscience
zeroscience
Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability
2011-02-11 00:00:00
prion
prion
Sql injection
2011-02-25 17:00:00
nvd
nvd
CVE-2011-1100
2011-02-25 17:00:01
ubuntucve
ubuntucve
CVE-2011-1100
2011-02-25 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
23.8%
Related for CVE-2011-1100