Lucene search
MitreCVE-2012-3839HistoryJul 03, 2012 - 10:55 p.m.
CVE-2012-3839
2012-07-0322:55:02
CWE-89
mitre
web.nvd.nist.gov
20
sql injection
myclientbase
remote execution
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
72.4%
Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search.
Affected configurations
Node
myclientbasemyclientbaseMatch0.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| myclientbase | myclientbase | 0.12 | cpe:2.3:a:myclientbase:myclientbase:0.12:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-3839
2012-07-03 22:00:00
prion
prion
Sql injection
2012-07-03 22:55:00
nvd
nvd
CVE-2012-3839
2012-07-03 22:55:02
exploitdb
exploitdb
MyClientBase 0.12 - Multiple Vulnerabilities
2012-05-01 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
72.4%
Related for CVE-2012-3839