CVE-2011-1100

{"id": "CVE-2011-1100", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-02-25T17:00:01.777", "references": [{"url": "http://www.exploit-db.com/exploits/16160", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4992.php", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65474", "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/16160", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4992.php", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65474", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en admin/index.php en Pixelpost v1.7.3, permite a usuarios remotos autenticados ejecutar comandos SQL a trav\u00e9s del par\u00e1metro (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, o (5) selectftag en una acci\u00f3n images."}], "lastModified": "2024-11-21T01:25:31.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pixelpost:pixelpost:1.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "412664AB-2B05-452E-BF5A-03D114510BC1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}