{ "id": "CVE-2011-5038", "sourceIdentifier": "cve@mitre.org", "published": "2011-12-30T19:55:00.797", "lastModified": "2024-11-21T01:33:28.787", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en hitCode hitAppoint v4.5.17 y posiblemente versiones anteriores, permite a atacantes remotos ejecutar comandos SQL a trav\u00e9s del par\u00e1metro username en index.php. NOTA: la procedencia de esta informaci\u00f3n es desconocida, los detalles son obtenidos exclusivamente de la informaci\u00f3n de terceros." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-89" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:*:*:*:*:*:*:*:*", "versionEndIncluding": "4.5.17", "matchCriteriaId": "0CF14A9D-BFCD-4BF1-BEFA-C733F0A06782" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "518077EA-3352-40B9-9DCE-D4980604A0F8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "06A4CB74-D0D9-4963-BAE6-6343CCC326A4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "E27E414B-BA74-4FE0-B61C-F835FACB1E82" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "F36A1BA0-5473-445E-92A2-6A0F388D87CF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "A9EE306E-8C10-4815-8B5E-5E65F365C823" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "F479DA38-0346-412A-86AD-28AB00F4D5E2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "45BDB072-DDEA-44EE-A0E1-B8030AA38E7E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "AEECEBA8-F616-404B-9D7C-198C64100D5B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "DFCE325F-17F0-4956-ABC4-B9A9C58AD626" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "F0FD109B-44E8-41F8-A83B-7B5976BB7807" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EC4592A-7387-4E32-8969-64B55A59C4C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E34FAABC-C5CB-4F08-B4F2-AC306362DDB2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "20958153-7778-4101-8580-8729DDD15864" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B6CC0CAE-8B35-4034-963E-2E8FF9E74B44" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7ABDB91E-8BE9-45D7-A260-D75029FD97C2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D4A0FC3C-29A2-4089-9AE2-AF900F80361D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D786533-5819-48EB-8BEB-44B5C06B116A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "35A6A973-1116-4FCE-94FE-3E8EF914D3BE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "CA214FFC-70C9-47F9-A326-3B48BA666F10" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "74DC82C2-7950-4EB6-A4CB-9DB5A6870645" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "CF99A868-FDB1-411F-8B3E-BACED87E988A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "2A85EE1F-5067-4525-820A-BB5DB794FA50" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "729BC973-AFA6-431D-A1B6-1A05FB4899DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "671A68C1-1258-4E26-B62A-E51130E36A0B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "C85D0C81-6A32-4050-889F-26375E270827" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9B2B7384-8CA8-429F-9F0B-483D70237734" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6875CD8-06AF-4C0B-89FF-48C68406A713" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "7F0D02EA-0F92-4891-A089-054C09EDC9A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5EA6A81-3C8B-4658-B609-9C42879E6884" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "231F8416-2B58-4687-B4F0-E66B8F0E6996" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A789B27-F984-483E-B82A-D33007805B37" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "16252B41-2DA4-4170-A757-EDB8F9CC7572" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "7E0470A0-0EB5-4C2F-9421-D487532840FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "21EA10D6-385D-4219-A8EC-ED0D8B3F1F95" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "7CC58E8E-9F03-4BB5-8C02-EF05887B9681" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8D4D8D2B-5647-4A83-8686-BF470F898090" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "31BEFD2B-C743-4E65-94C8-174C4B22CC5C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "CD4E6991-E50B-42DA-927A-8BEC929EFE32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "FC059053-4073-46BE-AFD3-6FB4F5813D80" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.:*:*:*:*:*:*:*", "matchCriteriaId": "B66C55C0-EBA5-4A3B-AA2A-57ECC662583A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "BE0C184E-E09B-49E7-A09F-22C55B0B6BCB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "78C25A7B-9340-4671-B909-31E191D4A614" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C561D171-D1D8-4656-B255-9300794806B0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "24BBD451-452C-4DAF-83F2-60918F147553" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "8316B25D-9F46-432D-B101-AAAAC1F01224" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3C534-B869-4107-990F-E8D9C6229395" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "329E731E-2965-42AE-9C7A-5ABDFDF04704" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "23456918-8ADD-4261-AFDC-79A28EBFB744" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "C7B20EF7-2325-4E41-AEC5-2BD65C86780E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "C2177DF7-52C6-4485-B5CE-2D07C2C51872" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "D919644D-13DF-415F-BF5E-55AD01E3599C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "3938B59A-5823-49AE-AC60-A2174C463DB3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "5937D77B-280E-4E56-B169-01C61C5C817D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.14:*:*:*:*:*:*:*", "matchCriteriaId": "969C716E-72E7-4ABC-B40C-B9BA15A0815F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.15:*:*:*:*:*:*:*", "matchCriteriaId": "E2A01796-D4FD-49F2-967F-3DF7E86ED72E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitcode:hitappoint:4.5.16:*:*:*:*:*:*:*", "matchCriteriaId": "D876B888-8D6F-453D-844C-D2FBCE76A048" } ] } ] } ], "references": [ { "url": "http://secunia.com/advisories/47140", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.osvdb.org/77580", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71740", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/47140", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.osvdb.org/77580", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71740", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }