Vulnerability Details CVE-2012-1670
admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote attackers to read the database via a SaveSQL action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.155
EPSS Ranking 94.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2012-03/0115.html
- http://downloads.sourceforge.net/project/php-gradebook/phpGradeBook%20-%20BETA/1.9.5/phpGradeBook1.9.5.zip
- http://osvdb.org/80311
- http://secunia.com/advisories/48524
- http://www.exploit-db.com/exploits/18647/
- http://www.securityfocus.com/bid/52686
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74292
- http://archives.neohapsis.com/archives/bugtraq/2012-03/0115.html
- http://downloads.sourceforge.net/project/php-gradebook/phpGradeBook%20-%20BETA/1.9.5/phpGradeBook1.9.5.zip
- http://osvdb.org/80311
- http://secunia.com/advisories/48524
- http://www.exploit-db.com/exploits/18647/
- http://www.securityfocus.com/bid/52686
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74292
Products affected by CVE-2012-1670
-
cpe:2.3:a:phpgradebook:php_grade_book:*
-
cpe:2.3:a:phpgradebook:php_grade_book:1.9.3