Vulnerability Details : CVE-2011-5072
Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to portal/kb.php; (2) contractid parameter to contract_add_service.php; (3) id parameter to edit_escalation_path.php; (4) unlock, (5) lock, or (6) selected parameter to holding_queue.php; inc parameter in a report action to (7) report_customers.php or (8) report_incidents_by_site.php; (9) start parameter to search.php; or (10) sites parameter to transactions.php.
Vulnerability category: Sql Injection
Products affected by CVE-2011-5072
- cpe:2.3:a:sitracker:support_incident_tracker:*:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.23:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.24:beta-2:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.22:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.21:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.22pl1:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.33:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.35:beta1:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.50:beta1:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.30:beta2:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.30:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.40:beta1:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.40:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.24:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.35:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.36:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.31:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.32:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.41:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.45:beta1:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.45:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.60:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.61:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.62:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.63:beta1:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.50:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.51:*:*:*:*:*:*:*
- cpe:2.3:a:sitracker:support_incident_tracker:3.63:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-5072
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 43 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-5072
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2011-5072
-
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-5072
-
http://sitracker.org/wiki/ReleaseNotes365
ReleaseNotes365 - Sit
-
http://www.securityfocus.com/archive/1/519636
SecurityFocusExploit
-
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html
Multiple Vulnerabilities in SiT! Support Incident Tracker - HTB23043 Security Advisory | ImmuniWebExploit
Jump to