CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-5183

Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier allow remote attackers to execute arbitrary SQL commands via the where_clause parameter to (1) index.php, (2) index_long.php, or (3) index_short.php in ordering/interface_creator/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.bioinformatics.org/phplabware/labwiki/index.php?page=release_notes
http://www.exploit-db.com/exploits/18091
http://www.bioinformatics.org/phplabware/labwiki/index.php?page=release_notes
http://www.exploit-db.com/exploits/18091

Products affected by CVE-2011-5183

Bioinformatics » Ordersys » Version: 1.5.5

cpe:2.3:a:bioinformatics:ordersys:1.5.5
Bioinformatics » Ordersys » Version: 1.5.6

cpe:2.3:a:bioinformatics:ordersys:1.5.6
Bioinformatics » Ordersys » Version: 1.6

cpe:2.3:a:bioinformatics:ordersys:1.6
Bioinformatics » Ordersys » Version: 1.6.1

cpe:2.3:a:bioinformatics:ordersys:1.6.1
Bioinformatics » Ordersys » Version: 1.6.2

cpe:2.3:a:bioinformatics:ordersys:1.6.2
Bioinformatics » Ordersys » Version: 1.6.3

cpe:2.3:a:bioinformatics:ordersys:1.6.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5183

Products

Pricing

Contact Us