Lucene search
HistoryJan 29, 2012 - 4:04 a.m.
CVE-2011-3831
cve-2011-3831
sql injection
incident_attachments.php
support incident tracker
sit! 3.65
nvd
8.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
76.8%
SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name.
Affected configurations
Node
sitrackersupport_incident_trackerMatch3.65
| CPE | Name | Operator | Version |
|---|---|---|---|
| sitracker:support_incident_tracker | sitracker support incident tracker | eq | 3.65 |
Related
prion
prion
Sql injection
2012-01-29 04:04:00
cvelist
cvelist
CVE-2011-3831
2012-01-29 02:00:00
nvd
nvd
CVE-2011-3831
2012-01-29 04:04:44
openvas
openvas
Support Incident Tracker (SiT!) Multiple Input Validation Vulnerabilities
2011-11-16 00:00:00
Support Incident Tracker (SiT!) <= 3.65 Multiple Vulnerabilities
2011-11-16 00:00:00
8.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
76.8%
Related for CVE-2011-3831