CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
88.2%
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_credentials/admin/ or (4) index.php/go_site/go_get_user_info/.
Vendor | Product | Version | CPE |
---|---|---|---|
goautodial | goadmin_ce | 3.0 | cpe:2.3:a:goautodial:goadmin_ce:3.0:*:*:*:*:*:*:* |
goautodial | goadmin_ce | 3.3 | cpe:2.3:a:goautodial:goadmin_ce:3.3:*:*:*:*:*:*:* |