Sql injection

2007-02-0818:28:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.5%

JSON

SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php.

CPENameOperatorVersion
open_tibia_server_cmseq2.1.3
open_tibia_server_cmseq2.1.5
open_tibia_server_cmseq2.0
open_tibia_server_cmseq2.1.4

Name	Operator	Version
open_tibia_server_cms	eq	2.1.3
open_tibia_server_cms	eq	2.1.5
open_tibia_server_cms	eq	2.0
open_tibia_server_cms	eq	2.1.4

References

osvdb.org/33169

secunia.com/advisories/24116

www.securityfocus.com/bid/22450

exchange.xforce.ibmcloud.com/vulnerabilities/32322

www.exploit-db.com/exploits/3283