Vulnerability Details CVE-2011-5213
Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id parameter to modules/Documents/index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/77733
- http://osvdb.org/77734
- http://osvdb.org/77735
- http://secunia.com/advisories/47217
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71828
- https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_browser_crm.html
- http://osvdb.org/77733
- http://osvdb.org/77734
- http://osvdb.org/77735
- http://secunia.com/advisories/47217
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71828
- https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_browser_crm.html
Products affected by CVE-2011-5213
-
cpe:2.3:a:browsercrm:browsercrm:*
-
cpe:2.3:a:browsercrm:browsercrm:4.604.01
-
cpe:2.3:a:browsercrm:browsercrm:4.605.00
-
cpe:2.3:a:browsercrm:browsercrm:4.607.00
-
cpe:2.3:a:browsercrm:browsercrm:4.610.00
-
cpe:2.3:a:browsercrm:browsercrm:4.611.01
-
cpe:2.3:a:browsercrm:browsercrm:4.612.00
-
cpe:2.3:a:browsercrm:browsercrm:4.614.00
-
cpe:2.3:a:browsercrm:browsercrm:4.615.10
-
cpe:2.3:a:browsercrm:browsercrm:4.615.11
-
cpe:2.3:a:browsercrm:browsercrm:4.616.00
-
cpe:2.3:a:browsercrm:browsercrm:4.617.00
-
cpe:2.3:a:browsercrm:browsercrm:4.619.00
-
cpe:2.3:a:browsercrm:browsercrm:4.620.01
-
cpe:2.3:a:browsercrm:browsercrm:4.622.00
-
cpe:2.3:a:browsercrm:browsercrm:4.624.00
-
cpe:2.3:a:browsercrm:browsercrm:4.624.01
-
cpe:2.3:a:browsercrm:browsercrm:4.624.50
-
cpe:2.3:a:browsercrm:browsercrm:4.624.60
-
cpe:2.3:a:browsercrm:browsercrm:4.624.70
-
cpe:2.3:a:browsercrm:browsercrm:4.624.80
-
cpe:2.3:a:browsercrm:browsercrm:4.624.90
-
cpe:2.3:a:browsercrm:browsercrm:4.691.01
-
cpe:2.3:a:browsercrm:browsercrm:4.999.20
-
cpe:2.3:a:browsercrm:browsercrm:5.000.00
-
cpe:2.3:a:browsercrm:browsercrm:5.000.01
-
cpe:2.3:a:browsercrm:browsercrm:5.001.00
-
cpe:2.3:a:browsercrm:browsercrm:5.002.00
-
cpe:2.3:a:browsercrm:browsercrm:5.100.00