CVE-2011-0510

Опубликовано: 20 янв. 2011

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an add_other action.

Ссылки

http://secunia.com/advisories/42944
Vendor Advisory
http://www.exploit-db.com/exploits/16003
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/64726
http://secunia.com/advisories/42944
Vendor Advisory
http://www.exploit-db.com/exploits/16003
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/64726

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:awbs:advanced_webhost_billing_system:*:*:*:*:*:*:*:*

Версия до 2.9.2 (включая)

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.5:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.5.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.6.3:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.7:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.7.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.7.2:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.7.3:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.7.4:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.7.5:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.8.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.8.1:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.8.2:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.8.3:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.8.4:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.8.5:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.9.0:*:*:*:*:*:*:*

cpe:2.3:a:awbs:advanced_webhost_billing_system:2.9.1:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01199

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-cfqr-x5f5-23cm

github

больше 3 лет назад