Lucene search

PRIOn knowledge basePRION:CVE-2011-3988

HistoryOct 21, 2011 - 6:55 p.m.

Sql injection

2011-10-2118:55:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.4%

JSON

SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
ec-cubeeq2.11.2
ec-cubeeq2.11.0
ec-cubeeq2.11.1

Name	Operator	Version
ec-cube	eq	2.11.2
ec-cube	eq	2.11.0
ec-cube	eq	2.11.1

References

jvn.jp/en/jp/JVN44496332/index.html

jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000087.html

osvdb.org/76399

secunia.com/advisories/46446

svn.ec-cube.net/open_trac/ticket/1502

www.ec-cube.net/info/weakness/weakness.php?id=38

www.ec-cube.net/release/detail.php?release_id=286

www.securityfocus.com/bid/50140

exchange.xforce.ibmcloud.com/vulnerabilities/70625