Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5000

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-5000
Last Modified 21 Sep 2012 12:00:00
Published 19 Sep 2012 03:55:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5000

Summary

SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.

Vulnerable Systems

Application

  • Blueteck Witze Addon 0.9


References

XF - devilzclanportalwitze-index-sql-injection(73681)

BID - 52286

OSVDB - 79807

EXPLOIT-DB - 18558

SECUNIA - 48233


Last Updated: 27 May 2016 11:00:44