Lucene search
MitreCVE-2012-5865HistoryOct 20, 2014 - 3:55 p.m.
CVE-2012-5865
2014-10-2015:55:04
CWE-89
mitre
web.nvd.nist.gov
34
cve-2012-5865
sql injection
achievo 1.4.5
remote authenticated users
arbitrary sql commands
dispatch.php
security vulnerability
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.001
Percentile
42.1%
SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action.
Affected configurations
Node
achievoachievoMatch1.4.5
Related
cvelist
cvelist
CVE-2012-5865
2014-10-20 15:00:00
nvd
nvd
CVE-2012-5865
2014-10-20 15:55:04
dsquare
dsquare
Achievo 1.4.5 LFI
2012-11-09 00:00:00
prion
prion
Sql injection
2014-10-20 15:55:00
packetstorm
packetstorm
Achievo 1.4.5 Cross Site Scripting / SQL Injection
2012-12-07 00:00:00
zdt
zdt
Achievo 1.4.5 Cross Site Scripting / SQL Injection Vulnerabilities
2012-12-07 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in Achievo
2012-12-10 00:00:00
exploitpack
exploitpack
Achievo 1.4.5 - Multiple Vulnerabilities (2)
2012-12-09 00:00:00
htbridge
htbridge
Multiple vulnerabilities in Achievo
2012-11-14 00:00:00
exploitdb
exploitdb
Achievo 1.4.5 - Multiple Vulnerabilities (2)
2012-12-09 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.001
Percentile
42.1%
Related for CVE-2012-5865