Lucene search
HistoryOct 20, 2014 - 3:55 p.m.
CVE-2012-5865
cve-2012-5865
sql injection
achievo 1.4.5
remote authenticated users
arbitrary sql commands
dispatch.php
security vulnerability
7.8 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
50.0%
SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action.
| CPE | Name | Operator | Version |
|---|---|---|---|
| achievo:achievo | achievo | eq | 1.4.5 |
Related
prion
prion
Sql injection
2014-10-20 15:55:00
dsquare
dsquare
Achievo 1.4.5 LFI
2012-11-09 00:00:00
zdt
zdt
Achievo 1.4.5 Cross Site Scripting / SQL Injection Vulnerabilities
2012-12-07 00:00:00
exploitpack
exploitpack
Achievo 1.4.5 - Multiple Vulnerabilities (2)
2012-12-09 00:00:00
htbridge
htbridge
Multiple vulnerabilities in Achievo
2012-11-14 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in Achievo
2012-12-10 00:00:00
packetstorm
packetstorm
Achievo 1.4.5 Cross Site Scripting / SQL Injection
2012-12-07 00:00:00
exploitdb
exploitdb
Achievo 1.4.5 - Multiple Vulnerabilities (2)
2012-12-09 00:00:00
7.8 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
50.0%
Related for CVE-2012-5865