Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-3525

Опубликовано: 10 мая 2013
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5

Описание

SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted their report," and "we had verified that the claimed exploit did not function according to the author's claims.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
quantal

DNE

raring

DNE

saucy

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

4.0.19-1
esm-apps/xenial

not-affected

4.0.19-1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [4.0.19-1]]
lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was needed
quantal

ignored

end of life
raring

ignored

end of life
saucy

not-affected

4.0.13-1
trusty

not-affected

4.0.19-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 81%
0.01525
Низкий

7.5 High

CVSS2

Связанные уязвимости

nvd логотип

CVE-2013-3525

nvd
больше 12 лет назад

SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted their report," and "we had verified that the claimed exploit did not function according to the author's claims.

debian логотип

CVE-2013-3525

debian
больше 12 лет назад

SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0. ...

github логотип

GHSA-74vr-hr74-r4mf

github
больше 3 лет назад

** DISPUTED ** SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted their report," and "we had verified that the claimed exploit did not function according to the author's claims."

EPSS

Процентиль: 81%
0.01525
Низкий

7.5 High

CVSS2