Lucene search

[email protected]CVE-2011-5038

HistoryDec 30, 2011 - 7:55 p.m.

CVE-2011-5038

2011-12-3019:55:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2011-5038

sql injection

hitcode hitappoint 4.5.17

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.1%

JSON

SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

hitcodehitappointRange≤4.5.17

hitcodehitappointMatch4.0

hitcodehitappointMatch4.0.9

hitcodehitappointMatch4.0.10

hitcodehitappointMatch4.0.11

hitcodehitappointMatch4.0.12

hitcodehitappointMatch4.0.13

hitcodehitappointMatch4.0.14

hitcodehitappointMatch4.0.15

hitcodehitappointMatch4.0.16

hitcodehitappointMatch4.0.17

hitcodehitappointMatch4.1.0

hitcodehitappointMatch4.1.1

hitcodehitappointMatch4.1.2

hitcodehitappointMatch4.1.3

hitcodehitappointMatch4.1.4

hitcodehitappointMatch4.2.0

hitcodehitappointMatch4.2.1

hitcodehitappointMatch4.2.2

hitcodehitappointMatch4.2.3

hitcodehitappointMatch4.2.4

hitcodehitappointMatch4.2.5

hitcodehitappointMatch4.2.6

hitcodehitappointMatch4.3.0

hitcodehitappointMatch4.3.1

hitcodehitappointMatch4.3.2

hitcodehitappointMatch4.3.3

hitcodehitappointMatch4.3.4

hitcodehitappointMatch4.3.5

hitcodehitappointMatch4.4.0

hitcodehitappointMatch4.4.1

hitcodehitappointMatch4.4.2

hitcodehitappointMatch4.4.3

hitcodehitappointMatch4.4.4

hitcodehitappointMatch4.4.5

hitcodehitappointMatch4.4.6

hitcodehitappointMatch4.4.7

hitcodehitappointMatch4.4.8

hitcodehitappointMatch4.4.9

hitcodehitappointMatch4.4.10

hitcodehitappointMatch4.5.

hitcodehitappointMatch4.5.1

hitcodehitappointMatch4.5.2

hitcodehitappointMatch4.5.3

hitcodehitappointMatch4.5.4

hitcodehitappointMatch4.5.5

hitcodehitappointMatch4.5.6

hitcodehitappointMatch4.5.7

hitcodehitappointMatch4.5.8

hitcodehitappointMatch4.5.9

hitcodehitappointMatch4.5.10

hitcodehitappointMatch4.5.11

hitcodehitappointMatch4.5.12

hitcodehitappointMatch4.5.13

hitcodehitappointMatch4.5.14

hitcodehitappointMatch4.5.15

hitcodehitappointMatch4.5.16

CPENameOperatorVersion
hitcode:hitappointhitcode hitappointle4.5.17
hitcode:hitappointhitcode hitappointeq4.0
hitcode:hitappointhitcode hitappointeq4.0.9
hitcode:hitappointhitcode hitappointeq4.0.10
hitcode:hitappointhitcode hitappointeq4.0.11
hitcode:hitappointhitcode hitappointeq4.0.12
hitcode:hitappointhitcode hitappointeq4.0.13
hitcode:hitappointhitcode hitappointeq4.0.14
hitcode:hitappointhitcode hitappointeq4.0.15
hitcode:hitappointhitcode hitappointeq4.0.16

CPE	Name	Operator	Version
hitcode:hitappoint	hitcode hitappoint	le	4.5.17
hitcode:hitappoint	hitcode hitappoint	eq	4.0
hitcode:hitappoint	hitcode hitappoint	eq	4.0.9
hitcode:hitappoint	hitcode hitappoint	eq	4.0.10
hitcode:hitappoint	hitcode hitappoint	eq	4.0.11
hitcode:hitappoint	hitcode hitappoint	eq	4.0.12
hitcode:hitappoint	hitcode hitappoint	eq	4.0.13
hitcode:hitappoint	hitcode hitappoint	eq	4.0.14
hitcode:hitappoint	hitcode hitappoint	eq	4.0.15
hitcode:hitappoint	hitcode hitappoint	eq	4.0.16

Rows per page:

1-10 of 571

References

secunia.com/advisories/47140

www.osvdb.org/77580

exchange.xforce.ibmcloud.com/vulnerabilities/71740

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.1%

JSON

Related for CVE-2011-5038

prion1 nvd1 cvelist1