doorGets 7.0 contactView.php sql injektion

inträdeeditHistoryDiffjsonxmlCTI

Det var en kritiskt svag punkt som finns i doorGets 7.0. Som påverkar en okänd funktion filen /doorgets/app/views/ajax/contactView.php. Det finns inga kända uppgifter om åtgärder. Användningen av en alternativ produkt är användbar.

Fält01/05/2019 13:5505/06/2020 09:34
namedoorGetsdoorGets
version7.07.0
file/doorgets/app/views/ajax/contactView.php/doorgets/app/views/ajax/contactView.php
cwe89 (sql injektion)89 (sql injektion)
risk22
cvss2_vuldb_basescore6.06.0
cvss2_vuldb_tempscore6.06.0
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auSS
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_nvd_avNN
cvss2_nvd_acLL
cvss2_nvd_auSS
cvss2_nvd_ciPP
cvss2_nvd_iiNN
cvss2_nvd_aiNN
cvss3_meta_basescore6.46.4
cvss3_meta_tempscore6.46.4
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.36.3
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prLL
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cHH
cvss3_nvd_iNN
cvss3_nvd_aNN
date1556582400 (30/04/2019)1556582400 (30/04/2019)
price_0day$0-$5k$0-$5k
cveCVE-2019-11613CVE-2019-11613
cve_assigned15565824001556582400
cve_nvd_summarydoorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. A remote normal registered user could exploit the vulnerability to obtain database sensitive information.doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. A remote normal registered user could exploit the vulnerability to obtain database sensitive information.
seealso134260 134259 134258 134257 134255 134254 134253 134252134260 134259 134258 134257 134255 134254 134253 134252
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
0day_days66
cvss3_nvd_basescore6.56.5
discoverydate1556064000

Do you want to use VulDB in your project?

Use the official API to access entries easily!