CVE-2013-7175

{"id": "CVE-2013-7175", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-01-24T04:38:09.637", "references": [{"url": "http://osvdb.org/102414", "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/869702", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/65104", "source": "cret@cert.org"}, {"url": "http://osvdb.org/102414", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/869702", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/65104", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) Candidate Name field."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Avanset CertExam Visual Manager 3.3 y anteriores permiten a usuarios remotos autenticados ejecutar comandos SQL a trav\u00e9s del (1) campo T\u00edtulo, (2) campo nombre de fichero , o (3) Campo Nombre de Candidato"}], "lastModified": "2024-11-21T02:00:26.200", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DE8CB46-0F31-47DB-830B-F1B2D54A1908", "versionEndIncluding": "3.3"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0CEDF50-8532-47AC-B43E-28E35AC16B63"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DC73879-2D57-40AB-9024-62EFB838B218"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F17616D2-A648-47B6-9A38-4E57FEF4C843"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36AB6000-73F5-457E-BA9C-3CF1E6DA05EC"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEFDF49F-FDA8-406F-AA0A-2AC678D48C9E"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEB69F82-5412-400C-A4F8-607668C8E6E9"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F42750-1518-4FD3-9EA1-CBE5087DF27C"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5996B9F0-D887-42CB-966B-2031AE527CB7"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D21BF557-72EB-4F68-BAC8-D8FF27EFF0BC"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37C12054-3B53-4361-8674-A304025FAC4D"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F260636-B840-4222-9F72-5BEE299AC227"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:2.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44749927-5B8A-4EF4-B751-067D0D950B8C"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A053F737-8C20-4AE4-B7F3-16B775B00D4B"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A798DC0B-0D62-45A6-8620-32D961BF1176"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE4E4666-DADC-49B8-9B3A-741A60752DAB"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEDF6DD4-7B84-4F9F-94C3-B16BE4341EDC"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A4FF62A-1118-4F60-B099-0C536D2E6551"}, {"criteria": "cpe:2.3:a:avanset:visual_certexam_manager:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCD93517-1417-4E35-A0AA-39B5B5B502F5"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}