Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5200

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-5200
Last Modified 15 Oct 2012 12:00:00
Published 23 Sep 2012 01:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-5200

Summary

Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php.

Vulnerable Systems

Application

  • Dedecms 5.1

  • Dedecms 5.3

  • Dedecms 5.5

  • Dedecms 5.6


References

XF - dedecms-multiple-sql-injection(72034)

BID - 51211

OSVDB - 82508

OSVDB - 82507

OSVDB - 82506

EXPLOIT-DB - 18292


Last Updated: 27 May 2016 11:00:47