exploitDog

CVE-2012-3820

Опубликовано: 14 авг. 2014

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise before 11.0.551 allow remote attackers to execute arbitrary SQL commands via the (1) SerialNumber field to activate.asp or (2) UID field to User-Edit.asp.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:arialsoftware:campaign_enterprise:*:*:*:*:*:*:*:*

Версия до 11.0.538 (включая)

EPSS

Процентиль: 67%

0.00535

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-689j-26wf-j42h

github

больше 3 лет назад

Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise before 11.0.551 allow remote attackers to execute arbitrary SQL commands via the (1) SerialNumber field to activate.asp or (2) UID field to User-Edit.asp.

EPSS

Процентиль: 67%

0.00535

Низкий

7.5 High

CVSS2

Дефекты

CWE-89