Lucene search
HistoryFeb 02, 2012 - 5:55 p.m.
CVE-2012-0980
cve-2012-0980
sql injection
phux download manager
remote attackers
arbitrary sql commands
8.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
27.6%
SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to execute arbitrary SQL commands via the file parameter.
Affected configurations
Node
phuxdownload_manager
| CPE | Name | Operator | Version |
|---|---|---|---|
| phux:download_manager | phux download manager | eq | * |
Related
prion
prion
Sql injection
2012-02-02 17:55:00
openvas
openvas
phux Download Manager 'file' Parameter SQL Injection Vulnerability
2012-02-07 00:00:00
nvd
nvd
CVE-2012-0980
2012-02-02 17:55:01
cvelist
cvelist
CVE-2012-0980
2012-02-02 17:00:00
8.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
27.6%
Related for CVE-2012-0980