CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-5121

SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://archives.neohapsis.com/archives/bugtraq/2013-08/0048.html
http://osvdb.org/96028
http://www.exploit-db.com/exploits/27430
http://www.securityfocus.com/bid/61660
http://archives.neohapsis.com/archives/bugtraq/2013-08/0048.html
http://osvdb.org/96028
http://www.exploit-db.com/exploits/27430
http://www.securityfocus.com/bid/61660

Products affected by CVE-2013-5121

Phpfox » Phpfox » Version: 3.6.0

cpe:2.3:a:phpfox:phpfox:3.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-5121

Products

Pricing

Contact Us