Sql injection

2009-05-1812:00:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.4%

JSON

Multiple SQL injection vulnerabilities in the Starrating plugin before 0.7.7 for b2evolution allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
starrating_pluginle0.7.6
starrating_plugineq0.6
starrating_plugineq0.7
starrating_plugineq0.7.5

Name	Operator	Version
starrating_plugin	le	0.7.6
starrating_plugin	eq	0.6
starrating_plugin	eq	0.7
starrating_plugin	eq	0.7.5

References

osvdb.org/54369

secunia.com/advisories/35053

sourceforge.net/project/shownotes.php?release_id=681352&group_id=160495

www.securityfocus.com/bid/34899

exchange.xforce.ibmcloud.com/vulnerabilities/50417