Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for netvolution by atcom
CVE-2014-2318 (GCVE-0-2014-2318)
Vulnerability from nvd – Published: 2014-03-10 14:00 – Updated: 2024-08-06 10:06
VLAI
Summary
SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/65942 | vdb-entryx_refsource_BID |
| http://packetstormsecurity.com/files/125507 | x_refsource_MISC |
Date Public
2014-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:06:00.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netvolution-m-sql-injection(91543)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91543"
},
{
"name": "65942",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/125507"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netvolution-m-sql-injection(91543)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91543"
},
{
"name": "65942",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/125507"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netvolution-m-sql-injection(91543)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91543"
},
{
"name": "65942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65942"
},
{
"name": "http://packetstormsecurity.com/files/125507",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125507"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2318",
"datePublished": "2014-03-10T14:00:00.000Z",
"dateReserved": "2014-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:06:00.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3340 (GCVE-0-2011-3340)
Vulnerability from nvd – Published: 2011-10-21 10:00 – Updated: 2024-08-06 23:29
VLAI
Summary
SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/519984/100… | mailing-listx_refsource_BUGTRAQ |
| http://census-labs.com/news/2011/10/03/netvolutio… | x_refsource_MISC |
| http://secunia.com/advisories/46255 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2011-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111003 Netvolution referer header SQL injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/519984/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/"
},
{
"name": "46255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20111003 Netvolution referer header SQL injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/519984/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/"
},
{
"name": "46255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46255"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20111003 Netvolution referer header SQL injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519984/100/0/threaded"
},
{
"name": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/",
"refsource": "MISC",
"url": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/"
},
{
"name": "46255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46255"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3340",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4967 (GCVE-0-2010-4967)
Vulnerability from nvd – Published: 2011-10-21 10:00 – Updated: 2024-08-07 04:02
VLAI
Summary
SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/65411 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/40764 | vdb-entryx_refsource_BID |
| http://www.exploit-db.com/exploits/13815 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/40152 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:02:30.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netvolutioncms-default-artid-sql-injection(59343)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59343"
},
{
"name": "65411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65411"
},
{
"name": "40764",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40764"
},
{
"name": "13815",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/13815"
},
{
"name": "40152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netvolutioncms-default-artid-sql-injection(59343)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59343"
},
{
"name": "65411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65411"
},
{
"name": "40764",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40764"
},
{
"name": "13815",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/13815"
},
{
"name": "40152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40152"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netvolutioncms-default-artid-sql-injection(59343)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59343"
},
{
"name": "65411",
"refsource": "OSVDB",
"url": "http://osvdb.org/65411"
},
{
"name": "40764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40764"
},
{
"name": "13815",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13815"
},
{
"name": "40152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40152"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4967",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:02:30.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4966 (GCVE-0-2010-4966)
Vulnerability from nvd – Published: 2011-10-21 10:00 – Updated: 2024-09-16 23:35
VLAI
Summary
Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://1337day.com/exploits/13067 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:02:30.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://1337day.com/exploits/13067"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-21T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://1337day.com/exploits/13067"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://1337day.com/exploits/13067",
"refsource": "MISC",
"url": "http://1337day.com/exploits/13067"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4966",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:35:58.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5103 (GCVE-0-2009-5103)
Vulnerability from nvd – Published: 2011-10-21 10:00 – Updated: 2024-09-17 02:53
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/7761/ | exploitx_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-21T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7761",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/7761/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5103",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:53:15.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5102 (GCVE-0-2009-5102)
Vulnerability from nvd – Published: 2011-10-21 10:00 – Updated: 2024-09-16 20:07
VLAI
Summary
SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/7761/ | exploitx_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-21T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7761",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/7761/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5102",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:07:17.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2318 (GCVE-0-2014-2318)
Vulnerability from cvelistv5 – Published: 2014-03-10 14:00 – Updated: 2024-08-06 10:06
VLAI
Summary
SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/65942 | vdb-entryx_refsource_BID |
| http://packetstormsecurity.com/files/125507 | x_refsource_MISC |
Date Public
2014-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:06:00.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netvolution-m-sql-injection(91543)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91543"
},
{
"name": "65942",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/125507"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netvolution-m-sql-injection(91543)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91543"
},
{
"name": "65942",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/125507"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netvolution-m-sql-injection(91543)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91543"
},
{
"name": "65942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65942"
},
{
"name": "http://packetstormsecurity.com/files/125507",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125507"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2318",
"datePublished": "2014-03-10T14:00:00.000Z",
"dateReserved": "2014-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:06:00.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5102 (GCVE-0-2009-5102)
Vulnerability from cvelistv5 – Published: 2011-10-21 10:00 – Updated: 2024-09-16 20:07
VLAI
Summary
SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/7761/ | exploitx_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-21T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7761",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/7761/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5102",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:07:17.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4967 (GCVE-0-2010-4967)
Vulnerability from cvelistv5 – Published: 2011-10-21 10:00 – Updated: 2024-08-07 04:02
VLAI
Summary
SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/65411 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/40764 | vdb-entryx_refsource_BID |
| http://www.exploit-db.com/exploits/13815 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/40152 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:02:30.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netvolutioncms-default-artid-sql-injection(59343)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59343"
},
{
"name": "65411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65411"
},
{
"name": "40764",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40764"
},
{
"name": "13815",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/13815"
},
{
"name": "40152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netvolutioncms-default-artid-sql-injection(59343)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59343"
},
{
"name": "65411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65411"
},
{
"name": "40764",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40764"
},
{
"name": "13815",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/13815"
},
{
"name": "40152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40152"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netvolutioncms-default-artid-sql-injection(59343)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59343"
},
{
"name": "65411",
"refsource": "OSVDB",
"url": "http://osvdb.org/65411"
},
{
"name": "40764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40764"
},
{
"name": "13815",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13815"
},
{
"name": "40152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40152"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4967",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:02:30.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4966 (GCVE-0-2010-4966)
Vulnerability from cvelistv5 – Published: 2011-10-21 10:00 – Updated: 2024-09-16 23:35
VLAI
Summary
Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://1337day.com/exploits/13067 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:02:30.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://1337day.com/exploits/13067"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-21T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://1337day.com/exploits/13067"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://1337day.com/exploits/13067",
"refsource": "MISC",
"url": "http://1337day.com/exploits/13067"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4966",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:35:58.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5103 (GCVE-0-2009-5103)
Vulnerability from cvelistv5 – Published: 2011-10-21 10:00 – Updated: 2024-09-17 02:53
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/7761/ | exploitx_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-21T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7761",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/7761/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7761",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/7761/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5103",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-10-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:53:15.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3340 (GCVE-0-2011-3340)
Vulnerability from cvelistv5 – Published: 2011-10-21 10:00 – Updated: 2024-08-06 23:29
VLAI
Summary
SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/519984/100… | mailing-listx_refsource_BUGTRAQ |
| http://census-labs.com/news/2011/10/03/netvolutio… | x_refsource_MISC |
| http://secunia.com/advisories/46255 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2011-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111003 Netvolution referer header SQL injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/519984/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/"
},
{
"name": "46255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20111003 Netvolution referer header SQL injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/519984/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/"
},
{
"name": "46255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46255"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20111003 Netvolution referer header SQL injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519984/100/0/threaded"
},
{
"name": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/",
"refsource": "MISC",
"url": "http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/"
},
{
"name": "46255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46255"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3340",
"datePublished": "2011-10-21T10:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}