CVE-2015-1471

SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://sroesemann.blogspot.de/2015/02/advisory-for-sroeadv-2015-11.html	Exploit
https://github.com/delta/pragyan/commit/c93bc100ec93fc78940fbdca9b6b009101858309
http://sroesemann.blogspot.de/2015/01/sroeadv-2015-11.html	Exploit
http://seclists.org/fulldisclosure/2015/Feb/18
https://github.com/delta/pragyan/issues/206
http://seclists.org/oss-sec/2015/q1/402
http://pastebin.com/ip2gGYuS	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:pragyan_cms_project:pragyan_cms:3.0:*:*:*:*:*:*:*

Information

Published : 2015-02-12 08:59

Updated : 2015-02-13 12:57

NVD link : CVE-2015-1471

Mitre link : CVE-2015-1471

JSON object : View

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Products Affected

pragyan_cms_project

pragyan_cms

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://sroesemann.blogspot.de/2015/02/advisory-for-sroeadv-2015-11.html", "name": "http://sroesemann.blogspot.de/2015/02/advisory-for-sroeadv-2015-11.html", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "https://github.com/delta/pragyan/commit/c93bc100ec93fc78940fbdca9b6b009101858309", "name": "https://github.com/delta/pragyan/commit/c93bc100ec93fc78940fbdca9b6b009101858309", "tags": [], "refsource": "CONFIRM"}, {"url": "http://sroesemann.blogspot.de/2015/01/sroeadv-2015-11.html", "name": "http://sroesemann.blogspot.de/2015/01/sroeadv-2015-11.html", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://seclists.org/fulldisclosure/2015/Feb/18", "name": "20150203 SQL injection vulnerability in Pragyan CMS v.3.0", "tags": [], "refsource": "FULLDISC"}, {"url": "https://github.com/delta/pragyan/issues/206", "name": "https://github.com/delta/pragyan/issues/206", "tags": [], "refsource": "MISC"}, {"url": "http://seclists.org/oss-sec/2015/q1/402", "name": "[oss-security] 20150203 Re: CVE-Request -- Pragyan CMS v.3.0 -- SQL injection vulnerability", "tags": [], "refsource": "MLIST"}, {"url": "http://pastebin.com/ip2gGYuS", "name": "http://pastebin.com/ip2gGYuS", "tags": ["Exploit"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-89"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-1471", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-02-12T16:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:pragyan_cms_project:pragyan_cms:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2015-02-13T20:57Z"}

7.5 /10