Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-5117

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2013-5117
Last Modified 13 Mar 2014 12:06:44
Published 12 Mar 2014 10:55:30
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-5117

Summary

SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter.

Vulnerable Systems

Application

  • Zldnn Dnnarticle 10.0


References

CONFIRM - http://www.zldnn.com/ViewArticle/Solution-for-DNNArticle-RSS-Security-Issue.aspx

BID - 61788

EXPLOIT-DB - 27602

FULLDISC - 20130902 DotNetNuke (DNNArticle Module) SQL Injection Vulnerability

OSVDB - 96306


Last Updated: 27 May 2016 11:04:39