Lucene search
MitreCVE-2011-5039HistoryDec 30, 2011 - 7:55 p.m.
CVE-2011-5039
2011-12-3019:55:00
CWE-89
mitre
web.nvd.nist.gov
20
cve-2011-5039
sql injection
infoproject biznis heroj
vulnerability
remote attack
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.001
Percentile
42.2%
Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parameter to nalozi_naslov.php.
Affected configurations
Node
infoprojectbiznis_heroj
| Vendor | Product | Version | CPE |
|---|---|---|---|
| infoproject | biznis_heroj | * | cpe:2.3:a:infoproject:biznis_heroj:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2011-5039
2011-12-30 19:55:00
prion
prion
Sql injection
2011-12-30 19:55:00
cvelist
cvelist
CVE-2011-5039
2011-12-30 19:00:00
exploitdb
exploitdb
Infoproject Business Hero - Multiple Vulnerabilities
2011-12-21 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.001
Percentile
42.2%
Related for CVE-2011-5039