CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
77.9%
Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php.
Vendor | Product | Version | CPE |
---|---|---|---|
neocrome | land_down_under | 701 | cpe:2.3:a:neocrome:land_down_under:701:*:*:*:*:*:*:* |
secunia.com/advisories/13034
securitytracker.com/id?1012015
www.neocrome.net/index.php?m=single&id=91
www.neocrome.net/page.php?id=1573
www.osvdb.org/11299
www.osvdb.org/11300
www.osvdb.org/11301
www.osvdb.org/11302
www.ptsecurity.ru/advisory.asp
www.securityfocus.com/bid/11569
exchange.xforce.ibmcloud.com/vulnerabilities/17912