doorGets 7.0 commentView.php sql injection

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in doorGets 7.0 and classified as critical. Affected by this vulnerability is an unknown code of the file /doorgets/app/views/ajax/commentView.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field05/01/2019 01:55 PM06/05/2020 09:37 AM
version7.07.0
file/doorgets/app/views/ajax/commentView.php/doorgets/app/views/ajax/commentView.php
cwe89 (sql injection)89 (sql injection)
risk22
cvss2_vuldb_basescore6.86.8
cvss2_vuldb_tempscore6.86.8
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_nvd_avNN
cvss2_nvd_acLL
cvss2_nvd_auNN
cvss2_nvd_ciPP
cvss2_nvd_iiNN
cvss2_nvd_aiNN
cvss3_meta_basescore7.47.4
cvss3_meta_tempscore7.47.4
cvss3_vuldb_basescore7.37.3
cvss3_vuldb_tempscore7.37.3
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prNN
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cHH
cvss3_nvd_iNN
cvss3_nvd_aNN
date1556582400 (04/30/2019)1556582400 (04/30/2019)
price_0day$0-$5k$0-$5k
cveCVE-2019-11614CVE-2019-11614
cve_assigned15565824001556582400
cve_nvd_summarydoorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information.doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information.
seealso134261 134260 134259 134258 134256 134255 134254 134253134261 134260 134259 134258 134256 134255 134254 134253
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
0day_days66
cvss3_nvd_basescore7.57.5
namedoorGetsdoorGets
discoverydate1556064000

Want to stay up to date on a daily basis?

Enable the mail alert feature now!