Cpe Name:
cpe:/a:sitracker:support_incident_tracker:3.65
Copy Results
Download Results
Select Table
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2011-5075 |
|
1
|
+Info |
2012-01-29 |
2012-02-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path. |
|
2 |
CVE-2011-4337 |
94 |
1
|
|
2012-01-29 |
2012-02-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable. |
|
3 |
CVE-2011-3833 |
|
2
|
Exec Code |
2012-01-28 |
2012-02-02 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
Unrestricted file upload vulnerability in ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in an unspecified directory. |
|
4 |
CVE-2011-3829 |
200 |
2
|
+Info |
2012-01-28 |
2012-02-02 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error message. |
Total number of vulnerabilities :
4
Page :
1
(This Page)
