CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-5308

Multiple SQL injection vulnerabilities in cdnvote-post.php in the cdnvote plugin before 0.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) cdnvote_post_id or (2) cdnvote_point parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://wpsecure.net/2011/02/cdnvote-plugin/
https://plugins.trac.wordpress.org/changeset/350873/cdnvote/trunk/cdnvote-post.php
https://www.htbridge.com/advisory/HTB22845
http://wpsecure.net/2011/02/cdnvote-plugin/
https://plugins.trac.wordpress.org/changeset/350873/cdnvote/trunk/cdnvote-post.php
https://www.htbridge.com/advisory/HTB22845

Products affected by CVE-2011-5308

Cdnvote Project » Cdnvote » Version: 0.1

cpe:2.3:a:cdnvote_project:cdnvote:0.1
Cdnvote Project » Cdnvote » Version: 0.2

cpe:2.3:a:cdnvote_project:cdnvote:0.2
Cdnvote Project » Cdnvote » Version: 0.3

cpe:2.3:a:cdnvote_project:cdnvote:0.3
Cdnvote Project » Cdnvote » Version: 0.4

cpe:2.3:a:cdnvote_project:cdnvote:0.4
Cdnvote Project » Cdnvote » Version: 0.4.1

cpe:2.3:a:cdnvote_project:cdnvote:0.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5308

Products

Pricing

Contact Us