exploitDog

CVE-2011-5091

Опубликовано: 24 мая 2012

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter to view.php, (3) the delTargets[0] parameter to view_memo.php, or (4) the isReported parameter to write_ok.php.

Ссылки

http://sirini.net/grboard/board.php?id=developer&articleNo=591
Exploit
URL Repurposed
https://exchange.xforce.ibmcloud.com/vulnerabilities/75855
http://sirini.net/grboard/board.php?id=developer&articleNo=591
Exploit
URL Repurposed
https://exchange.xforce.ibmcloud.com/vulnerabilities/75855

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:grboard:grboard:1.8.6.5:*:community:*:*:*:*:*

EPSS

Процентиль: 54%

0.00319

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-jcjh-5f4j-hpqj

github

больше 3 лет назад

Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter to view.php, (3) the delTargets[0] parameter to view_memo.php, or (4) the isReported parameter to write_ok.php.

EPSS

Процентиль: 54%

0.00319

Низкий

7.5 High

CVSS2

Дефекты

CWE-89