Vulnerability Details CVE-2011-1060
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://evuln.com/vulns/174/summary.html
- http://secunia.com/advisories/43374
- http://securityreason.com/securityalert/8101
- http://www.securityfocus.com/archive/1/516519/100/0/threaded
- http://www.securityfocus.com/bid/46444
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65527
- http://evuln.com/vulns/174/summary.html
- http://secunia.com/advisories/43374
- http://securityreason.com/securityalert/8101
- http://www.securityfocus.com/archive/1/516519/100/0/threaded
- http://www.securityfocus.com/bid/46444
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65527
Products affected by CVE-2011-1060
-
cpe:2.3:a:webmastersite:wsn_guest:1.24