MitreCVE-2012-1670CVE-2012-1670
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
92.8%
admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote attackers to read the database via a SaveSQL action.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpgradebook | php_grade_book | * | cpe:2.3:a:phpgradebook:php_grade_book:*:*:*:*:*:*:*:* |
| phpgradebook | php_grade_book | 1.9.3 | cpe:2.3:a:phpgradebook:php_grade_book:1.9.3:*:*:*:*:*:*:* |
References
archives.neohapsis.com/archives/bugtraq/2012-03/0115.html
downloads.sourceforge.net/project/php-gradebook/phpGradeBook%20-%20BETA/1.9.5/phpGradeBook1.9.5.zip
osvdb.org/80311
secunia.com/advisories/48524
www.exploit-db.com/exploits/18647/
www.securityfocus.com/bid/52686
exchange.xforce.ibmcloud.com/vulnerabilities/74292
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
92.8%