Lucene search

PRIOn knowledge basePRION:CVE-2013-7219

HistoryJan 21, 2014 - 4:06 p.m.

Sql injection

2014-01-2116:06:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.5%

JSON

SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter.

CPENameOperatorVersion
com_sexypollingeq1.0.3
com_sexypollingeq0.9.7
com_sexypollingeq0.9.6
com_sexypollingeq1.0.4
com_sexypollingeq1.0.2
com_sexypollingeq0.9.4
com_sexypollingeq1.0.7
com_sexypollingle1.0.8
com_sexypollingeq0.9.1
com_sexypollingeq1.0.1

Name	Operator	Version
com_sexypolling	eq	1.0.3
com_sexypolling	eq	0.9.7
com_sexypolling	eq	0.9.6
com_sexypolling	eq	1.0.4
com_sexypolling	eq	1.0.2
com_sexypolling	eq	0.9.4
com_sexypolling	eq	1.0.7
com_sexypolling	le	1.0.8
com_sexypolling	eq	0.9.1
com_sexypolling	eq	1.0.1

Rows per page:

1-10 of 141

References

2glux.com/forum/sexypolling/sexy-polling-security-vulnerability-notification-t2026.html

www.securityfocus.com/archive/1/530789/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/90519

www.htbridge.com/advisory/HTB23193

9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.5%

JSON

Related for PRION:CVE-2013-7219