CVE-2012-3471 in Ushahidiinfo

Zusammenfassung

von MITRE

Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/reports.php and (2) application/controllers/members/reports.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via an incident id.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

14.06.2012

Veröffentlichung

12.08.2012

Moderieren

akzeptiert

Eintrag

VDB-61552

CPE

bereit

CWE

CWE-89 (bestätigt)

CVSS

7.5 (NVD)

EPSS

0.00319

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3471
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3471
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3471/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!