Lucene search
CertccCVE-2013-3602HistorySep 06, 2013 - 11:15 a.m.
CVE-2013-3602
2013-09-0611:15:37
CWE-89
certcc
web.nvd.nist.gov
16
cve-2013-3602
sql injection
coursemill lms
admindocumentworker.jsp
remote execution
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.001
Percentile
44.9%
SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter.
Affected configurations
Node
trivantiscoursemill_learning_management_systemMatch6.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| trivantis | coursemill_learning_management_system | 6.6 | cpe:2.3:a:trivantis:coursemill_learning_management_system:6.6:*:*:*:*:*:*:* |
References
Related
prion
prion
Sql injection
2013-09-06 11:15:00
cvelist
cvelist
CVE-2013-3602
2013-09-06 10:00:00
nvd
nvd
CVE-2013-3602
2013-09-06 11:15:37
cert
cert
Coursemill Learning Management System contains multiple vulnerabilities
2013-08-30 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.001
Percentile
44.9%
Related for CVE-2013-3602