Информационная безопасность
[RU] switch to English


CVECVE-2015-7319
СтатусCandidate
ОписаниеSQL injection vulnerability in cpabc_appointments_admin_int_calendar_list.inc.php in the Appointment Booking Calendar plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to updating the username.
Важность
High
CVSS score7,5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
PhaseAssigned (22.09.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7319
ReferencesBUGTRAQ : 20150926 CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin
 CONFIRM : https://wordpress.org/plugins/appointment-booking-...
SecurityVulns:Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород