Lucene search

[email protected]CVE-2012-0913

HistoryJan 24, 2012 - 6:55 p.m.

CVE-2012-0913

2012-01-2418:55:01

CWE-89

[email protected]

web.nvd.nist.gov

cve-2012-0913

sql injection

checklogin.aspx

icloudcenter ictimeattendance 1.0

nvd

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

31.7%

JSON

SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeAttendance 1.0 allows remote attackers to execute arbitrary SQL commands via the passw parameter. NOTE: Some of these details are obtained from third party information.

Affected configurations

NVD

Node

icloudcenterictimeattendanceMatch1.0

CPENameOperatorVersion
icloudcenter:ictimeattendanceicloudcenter ictimeattendanceeq1.0

CPE	Name	Operator	Version
icloudcenter:ictimeattendance	icloudcenter ictimeattendance	eq	1.0

References

osvdb.org/78444

secunia.com/advisories/47660

www.exploit-db.com/exploits/18394

www.securityfocus.com/bid/51589

exchange.xforce.ibmcloud.com/vulnerabilities/72569

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

31.7%

JSON

Related for CVE-2012-0913

cvelist1 prion1 nvd1