CVE-2011-5213

Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id parameter to modules/Documents/index.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:browsercrm:browsercrm:5.001.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:5.000.01:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.624.60:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.624.50:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.616.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.615.11:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.615.10:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.604.01:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:5.000.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.999.20:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.624.01:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.612.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.605.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.624.90:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.620.01:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.622.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.611.01:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.691.01:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.624.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:*:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:5.002.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.607.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:5.100.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.610.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.619.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.624.80:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.617.00:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.624.70:*:*:*:*:*:*:*
cpe:2.3:a:browsercrm:browsercrm:4.614.00:*:*:*:*:*:*:*

Information

Published : 2012-10-25 10:55

Updated : 2017-08-28 18:30


NVD link : CVE-2011-5213

Mitre link : CVE-2011-5213


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

browsercrm

  • browsercrm