Lucene search
MitreCVELIST:CVE-2011-5072HistoryJan 29, 2012 - 11:00 a.m.
CVE-2011-5072
2012-01-2911:00:00
mitre
www.cve.org
1
sit
sql injection
remote attackers
Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to portal/kb.php; (2) contractid parameter to contract_add_service.php; (3) id parameter to edit_escalation_path.php; (4) unlock, (5) lock, or (6) selected parameter to holding_queue.php; inc parameter in a report action to (7) report_customers.php or (8) report_incidents_by_site.php; (9) start parameter to search.php; or (10) sites parameter to transactions.php.
Related
nvd
nvd
CVE-2011-5072
2012-01-29 11:55:02
cve
cve
CVE-2011-5072
2012-01-29 11:55:02
prion
prion
Sql injection
2012-01-29 11:55:00
htbridge
htbridge
Multiple Vulnerabilities in SiT! Support Incident Tracker
2011-08-24 00:00:00
exploitdb
exploitdb
sit! support incident tracker 3.64 - Multiple Vulnerabilities
2012-02-01 00:00:00
openvas
openvas
Support Incident Tracker SiT! < 3.65 Multiple Vulnerabilities - Active Check
2012-02-01 00:00:00
Support Incident Tracker SiT! Multiple SQL Injection And XSS Vulnerabilities
2012-02-01 00:00:00