Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-3727
HistoryMar 13, 2014 - 2:55 p.m.

CVE-2013-3727

2014-03-1314:55:05
CWE-89
[email protected]
web.nvd.nist.gov
27
cve-2013-3727
sql injection
kasseler cms
security vulnerability
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.

Affected configurations

NVD
Node
kasseler-cmskasseler-cmsRange2r1223

Related

nvd 2
cvelist 2
prion 2
cve 1
exploitpack 1
htbridge 1
securityvulns 2
packetstorm 1
zdt 1
exploitdb 1
nvd
nvd
CVE-2013-3727
2014-03-13 14:55:05
CVE-2013-3729
2014-03-13 14:55:05
cvelist
cvelist
CVE-2013-3727
2014-03-13 14:00:00
CVE-2013-3729
2014-03-13 14:00:00
prion
prion
Sql injection
2014-03-13 14:55:00
Cross site request forgery (csrf)
2014-03-13 14:55:00
cve
cve
CVE-2013-3729
2014-03-13 14:55:05
exploitpack
exploitpack
Kasseler CMS 2 r1223 - Multiple Vulnerabilities
2013-07-05 00:00:00
htbridge
htbridge
Multiple Vulnerabilities in Kasseler CMS
2013-05-29 00:00:00
securityvulns
securityvulns
Multiple Vulnerabilities in Kasseler CMS
2013-07-15 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-07-15 00:00:00
packetstorm
packetstorm
Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection
2013-07-03 00:00:00
zdt
zdt
Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection Vulnerabilities
2013-07-03 00:00:00
exploitdb
exploitdb
Kasseler CMS 2 r1223 - Multiple Vulnerabilities
2013-07-05 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON
Related for CVE-2013-3727
nvd2cvelist2prion2cve1exploitpack1htbridge1securityvulns2packetstorm1zdt1exploitdb1