Lucene search
MitreCVE-2012-2236HistoryApr 20, 2012 - 10:55 a.m.
CVE-2012-2236
2012-04-2010:55:00
CWE-89
mitre
web.nvd.nist.gov
25
cve-2012-2236
sql injection
php gift registry 1.5.5
users.php
remote authenticated users
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
33.1%
SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action.
Affected configurations
Node
ryan_walbergphp_gift_registryMatch1.5.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ryan_walberg | php_gift_registry | 1.5.5 | cpe:2.3:a:ryan_walberg:php_gift_registry:1.5.5:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
PHP Gift Registry 1.5.5 - SQL Injection
2012-02-24 00:00:00
prion
prion
Sql injection
2012-04-20 10:55:00
packetstorm
packetstorm
PHP Gift Registry 1.5.5 SQL Injection
2012-02-24 00:00:00
cvelist
cvelist
CVE-2012-2236
2012-04-20 10:00:00
nvd
nvd
CVE-2012-2236
2012-04-20 10:55:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
33.1%
Related for CVE-2012-2236