Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3881

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-3881
Last Modified 16 Jul 2012 12:00:00
Published 12 Jul 2012 03:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3881

Summary

Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.

Vulnerable Systems

Application

  • Adrian Chadd Rtg 0.7.4

  • Adrian Chadd Rtg2 0.9.2


References

MISC - https://code.google.com/p/rtg2/issues/detail?id=35

MLIST - [oss-security] 20120709 CVE-2012-3881 RTG and RTG2: 95.php/rtg.php/view.php SQL injection


Last Updated: 27 May 2016 10:47:12