Lucene search
HistoryNov 02, 2015 - 7:59 p.m.
CVE-2015-5308
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.002
Percentile
53.3%
Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp-championship plugin 5.8 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user, (2) isadmin, (3) mail service, (4) mailresceipt, (5) stellv, (6) champtipp, (7) tippgroup, or (8) userid parameter.
Affected configurations
Node
wp-championship_projectwp-championshipMatch5.8wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wp-championship_project | wp-championship | 5.8 | cpe:2.3:a:wp-championship_project:wp-championship:5.8:*:*:*:*:wordpress:*:* |
Related
wpvulndb
wpvulndb
wp-championship <= 5.8 - Authenticated Blind SQL Injection
2015-10-23 00:00:00
prion
prion
Sql injection
2015-11-02 19:59:00
patchstack
patchstack
WordPress WP Championship Plugin <= 5.8 - Multiple SQL Injection
2015-07-01 00:00:00
cvelist
cvelist
CVE-2015-5308
2015-11-02 19:00:00
wpexploit
wpexploit
wp-championship <= 5.8 - Authenticated Blind SQL Injection
2015-10-23 00:00:00
cve
cve
CVE-2015-5308
2015-11-02 19:59:07
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.002
Percentile
53.3%
Related for NVD:CVE-2015-5308