CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-3477

SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://adamcaudill.com/2012/08/12/neoinvoice-blind-sql-injection-cve-2012-3477/
http://archives.neohapsis.com/archives/bugtraq/2012-08/0087.html
http://adamcaudill.com/2012/08/12/neoinvoice-blind-sql-injection-cve-2012-3477/
http://archives.neohapsis.com/archives/bugtraq/2012-08/0087.html

Products affected by CVE-2012-3477

Thomas Hunter » Neoinvoice » Version: N/A

cpe:2.3:a:thomas_hunter:neoinvoice:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3477

Products

Pricing

Contact Us