doorGets 7.0 commentView.php sql injection

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in doorGets 7.0 and classified as critical. Affected by this vulnerability is an unknown code of the file /doorgets/app/views/ajax/commentView.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
893005006/05/2020VulD...discoverydate155606400006/05/2020accepted100
893010005/01/2019VulD...cvss3_nvd_basescore7.5nist.gov05/01/2019accepted90
893009905/01/2019VulD...0day_days605/01/2019accepted90
893009805/01/2019VulD...cvss3_vuldb_rcX05/01/2019accepted90
893009705/01/2019VulD...cvss3_vuldb_rlX05/01/2019accepted90
893009605/01/2019VulD...cvss3_vuldb_eX05/01/2019accepted90
893009505/01/2019VulD...cvss2_vuldb_rcND05/01/2019accepted90
893009405/01/2019VulD...cvss2_vuldb_rlND05/01/2019accepted90
893009305/01/2019VulD...cvss2_vuldb_eND05/01/2019accepted90
893009205/01/2019VulD...seealso134261 134260 134259 134258 134256 134255 134254 13425305/01/2019accepted100
893009105/01/2019VulD...cve_nvd_summarydoorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information.mitre.org05/01/2019accepted100
893009005/01/2019VulD...cve_assigned1556582400mitre.org05/01/2019accepted100
893008905/01/2019VulD...cveCVE-2019-11614mitre.org05/01/2019accepted100
893008805/01/2019VulD...price_0day$0-$5ksee documentation05/01/2019accepted100
893008705/01/2019VulD...date1556582400 (04/30/2019)05/01/2019accepted100
893008605/01/2019VulD...cvss3_nvd_aNnist.gov05/01/2019accepted100
893008505/01/2019VulD...cvss3_nvd_iNnist.gov05/01/2019accepted100
893008405/01/2019VulD...cvss3_nvd_cHnist.gov05/01/2019accepted100
893008305/01/2019VulD...cvss3_nvd_sUnist.gov05/01/2019accepted100
893008205/01/2019VulD...cvss3_nvd_uiNnist.gov05/01/2019accepted100

Interested in the pricing of exploits?

See the underground prices here!