CVE-2011-5038

Published Dec 30, 2011
Last updated 7 years ago
CVSS info 7.5
Overview

Description: SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-89
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CF14A9D-BFCD-4BF1-BEFA-C733F0A06782",
            "versionEndIncluding": "4.5.17"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "518077EA-3352-40B9-9DCE-D4980604A0F8"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06A4CB74-D0D9-4963-BAE6-6343CCC326A4"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E27E414B-BA74-4FE0-B61C-F835FACB1E82"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F36A1BA0-5473-445E-92A2-6A0F388D87CF"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9EE306E-8C10-4815-8B5E-5E65F365C823"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F479DA38-0346-412A-86AD-28AB00F4D5E2"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45BDB072-DDEA-44EE-A0E1-B8030AA38E7E"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEECEBA8-F616-404B-9D7C-198C64100D5B"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFCE325F-17F0-4956-ABC4-B9A9C58AD626"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0FD109B-44E8-41F8-A83B-7B5976BB7807"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EC4592A-7387-4E32-8969-64B55A59C4C1"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E34FAABC-C5CB-4F08-B4F2-AC306362DDB2"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20958153-7778-4101-8580-8729DDD15864"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6CC0CAE-8B35-4034-963E-2E8FF9E74B44"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ABDB91E-8BE9-45D7-A260-D75029FD97C2"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4A0FC3C-29A2-4089-9AE2-AF900F80361D"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D786533-5819-48EB-8BEB-44B5C06B116A"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35A6A973-1116-4FCE-94FE-3E8EF914D3BE"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA214FFC-70C9-47F9-A326-3B48BA666F10"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74DC82C2-7950-4EB6-A4CB-9DB5A6870645"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF99A868-FDB1-411F-8B3E-BACED87E988A"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A85EE1F-5067-4525-820A-BB5DB794FA50"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "729BC973-AFA6-431D-A1B6-1A05FB4899DA"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "671A68C1-1258-4E26-B62A-E51130E36A0B"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C85D0C81-6A32-4050-889F-26375E270827"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B2B7384-8CA8-429F-9F0B-483D70237734"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6875CD8-06AF-4C0B-89FF-48C68406A713"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F0D02EA-0F92-4891-A089-054C09EDC9A9"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5EA6A81-3C8B-4658-B609-9C42879E6884"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "231F8416-2B58-4687-B4F0-E66B8F0E6996"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A789B27-F984-483E-B82A-D33007805B37"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16252B41-2DA4-4170-A757-EDB8F9CC7572"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E0470A0-0EB5-4C2F-9421-D487532840FF"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21EA10D6-385D-4219-A8EC-ED0D8B3F1F95"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CC58E8E-9F03-4BB5-8C02-EF05887B9681"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D4D8D2B-5647-4A83-8686-BF470F898090"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31BEFD2B-C743-4E65-94C8-174C4B22CC5C"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD4E6991-E50B-42DA-927A-8BEC929EFE32"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC059053-4073-46BE-AFD3-6FB4F5813D80"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B66C55C0-EBA5-4A3B-AA2A-57ECC662583A"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE0C184E-E09B-49E7-A09F-22C55B0B6BCB"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78C25A7B-9340-4671-B909-31E191D4A614"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C561D171-D1D8-4656-B255-9300794806B0"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24BBD451-452C-4DAF-83F2-60918F147553"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8316B25D-9F46-432D-B101-AAAAC1F01224"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3B3C534-B869-4107-990F-E8D9C6229395"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "329E731E-2965-42AE-9C7A-5ABDFDF04704"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23456918-8ADD-4261-AFDC-79A28EBFB744"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7B20EF7-2325-4E41-AEC5-2BD65C86780E"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2177DF7-52C6-4485-B5CE-2D07C2C51872"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D919644D-13DF-415F-BF5E-55AD01E3599C"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3938B59A-5823-49AE-AC60-A2174C463DB3"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5937D77B-280E-4E56-B169-01C61C5C817D"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "969C716E-72E7-4ABC-B40C-B9BA15A0815F"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2A01796-D4FD-49F2-967F-3DF7E86ED72E"
          },
          {
            "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D876B888-8D6F-453D-844C-D2FBCE76A048"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
