Lucene search
HistoryNov 17, 2012 - 9:55 p.m.
CVE-2012-5910
sql injection
vulnerability
b2evolution 4.1.3
remote authenticated users
execute arbitrary sql commands
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.7%
SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter.
Affected configurations
Node
b2evolutionb2evolutionMatch4.1.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| b2evolution:b2evolution | b2evolution | eq | 4.1.3 |
Related
prion
prion
Sql injection
2012-11-17 21:55:00
cvelist
cvelist
CVE-2012-5910
2012-11-17 21:00:00
nvd
nvd
CVE-2012-5910
2012-11-17 21:55:05
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.7%
Related for CVE-2012-5910