Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5216

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-5216
Last Modified 26 Oct 2012 12:00:00
Published 25 Oct 2012 01:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-5216

Summary

SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress plugin before 1.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the active parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Troyef Scorm Cloud 1.0

  • Troyef Scorm Cloud 1.0.1

  • Troyef Scorm Cloud 1.0.2

  • Troyef Scorm Cloud 1.0.3

  • Troyef Scorm Cloud 1.0.4

  • Troyef Scorm Cloud 1.0.5

  • Troyef Scorm Cloud 1.0.6

  • Troyef Scorm Cloud 1.0.6.1

  • Troyef Scorm Cloud 1.0.6.2

  • Troyef Scorm Cloud 1.0.6.3

  • Troyef Scorm Cloud 1.0.6.4

  • Troyef Scorm Cloud 1.0.6.5

  • Troyef Scorm Cloud 1.0.6.6

  • Wordpress -


References

XF - scormcloud-ajax-sql-injection(71788)

OSVDB - 77679

CONFIRM - http://wordpress.org/extend/plugins/scormcloud/changelog/

SECUNIA - 47198

CONFIRM - http://plugins.trac.wordpress.org/changeset/435356/scormcloud


Last Updated: 27 May 2016 11:01:16