Lucene search

[email protected]CVE-2011-5216

HistoryOct 25, 2012 - 5:55 p.m.

CVE-2011-5216

2012-10-2517:55:03

CWE-89

[email protected]

web.nvd.nist.gov

cve-2011-5216

sql injection

ajax.php

scorm cloud

wordpress

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress plugin before 1.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the active parameter. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

troyefscorm_cloudRange≤1.0.6.6

troyefscorm_cloudMatch1.0

troyefscorm_cloudMatch1.0.1

troyefscorm_cloudMatch1.0.2

troyefscorm_cloudMatch1.0.3

troyefscorm_cloudMatch1.0.4

troyefscorm_cloudMatch1.0.5

troyefscorm_cloudMatch1.0.6

troyefscorm_cloudMatch1.0.6.1

troyefscorm_cloudMatch1.0.6.2

troyefscorm_cloudMatch1.0.6.3

troyefscorm_cloudMatch1.0.6.4

troyefscorm_cloudMatch1.0.6.5

AND

wordpresswordpressMatch-

CPENameOperatorVersion
troyef:scorm_cloudtroyef scorm cloudle1.0.6.6
troyef:scorm_cloudtroyef scorm cloudeq1.0
troyef:scorm_cloudtroyef scorm cloudeq1.0.1
troyef:scorm_cloudtroyef scorm cloudeq1.0.2
troyef:scorm_cloudtroyef scorm cloudeq1.0.3
troyef:scorm_cloudtroyef scorm cloudeq1.0.4
troyef:scorm_cloudtroyef scorm cloudeq1.0.5
troyef:scorm_cloudtroyef scorm cloudeq1.0.6
troyef:scorm_cloudtroyef scorm cloudeq1.0.6.1
troyef:scorm_cloudtroyef scorm cloudeq1.0.6.2

CPE	Name	Operator	Version
troyef:scorm_cloud	troyef scorm cloud	le	1.0.6.6
troyef:scorm_cloud	troyef scorm cloud	eq	1.0
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.1
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.2
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.3
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.4
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.5
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.6
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.6.1
troyef:scorm_cloud	troyef scorm cloud	eq	1.0.6.2

Rows per page:

1-10 of 141

References

plugins.trac.wordpress.org/changeset/435356/scormcloud

secunia.com/advisories/47198

wordpress.org/extend/plugins/scormcloud/changelog/

www.osvdb.org/77679

exchange.xforce.ibmcloud.com/vulnerabilities/71788

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for CVE-2011-5216

prion1 cvelist1 nvd1 patchstack1