CVE-2013-1349

Published Dec 9, 2013

Last updated 4 years ago

Overview

Description: Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B0B1473-896E-488C-AC2B-0B8378455AF4"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF6150E4-6B40-4469-AD92-0FFD2900B49B"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3EB20CAC-525B-48FC-8E0B-44BA875E265B"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "819A8192-C88E-44CF-B2DA-796C9C7B6535"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:4.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7FE3759-BC19-4485-93C3-91136E871EE4"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25241CA1-DFA1-48AE-9BEB-5399ABDBB6D0"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0EF8D33-1078-4FF0-8E22-1B9941CC2767"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B841BDCF-5102-4539-8730-4ECBB2DADA60"
          },
          {
            "criteria": "cpe:2.3:a:os4ed:opensis:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A455C0A2-8CF4-4AC2-A2A7-80F91F89F79B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References