CVE-2013-2226
Published May 14, 2014
Last updated 11 years ago
Overview
- Description
- Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow remote attackers to execute arbitrary SQL commands via the (1) users_id_assign parameter to ajax/ticketassigninformation.php, (2) filename parameter to front/document.form.php, or (3) table parameter to ajax/comments.php.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-89
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19FA5E3B-5F78-4D79-8507-9168136134D9",
"versionEndIncluding": "0.83.8"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E14F94C4-4ED5-44A4-A017-5EC66E3210F9"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B80B37D-CAF3-4109-95A9-F49E28B938C1"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB316B74-8FE4-40A6-A0D3-C4CD88CB9656"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D4574B9-E843-4D7A-A9E3-938051A048B0"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB555723-6E7F-4D0F-92B9-BE1ACD7DBD97"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9002F098-D328-413E-9A1D-14B5759C4B07"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C1AC97A-6C1E-4AD4-B7E4-272224E2DBC4"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D54783ED-47B3-4A86-A905-3A47BF1DFFF3"
},
{
"criteria": "cpe:2.3:a:glpi-project:glpi:0.83.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "692076F9-0855-45B1-B19E-63C9D3902511"
}
],
"operator": "OR"
}
]
}
]