Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1556

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-1556
Last Modified 05 Apr 2011 12:00:00
Published 04 Apr 2011 08:27:38
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1556

Summary

SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.4 allows remote attackers to execute arbitrary SQL commands via the pdfa parameter.

Vulnerable Systems

Application

  • Aphpkb 0.95.4


References

XF - phpknowledgebase-pdfgen-sql-injection(66386)

VUPEN - ADV-2011-0823

OSVDB - 71287

EXPLOIT-DB - 17061

MISC - http://www.autosectools.com/Advisories/Andy%27s.PHP.Knowledgebase.Project.0.95.4_SQL.Injection_161.html

SECUNIA - 43879


Last Updated: 27 May 2016 10:56:22