CVE-2011-5104 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 61%

Vendor	Product	Version
getshopped	wp_e-commerce	𝑥 ≤ 3.8.7.1
getshopped	wp_e-commerce	3.6.5
getshopped	wp_e-commerce	3.6.6
getshopped	wp_e-commerce	3.6.7
getshopped	wp_e-commerce	3.6.8
getshopped	wp_e-commerce	3.6.9
getshopped	wp_e-commerce	3.6.10
getshopped	wp_e-commerce	3.6.11
getshopped	wp_e-commerce	3.6.12
getshopped	wp_e-commerce	3.6.13
getshopped	wp_e-commerce	3.7
getshopped	wp_e-commerce	3.7:beta2
getshopped	wp_e-commerce	3.7:beta3
getshopped	wp_e-commerce	3.7.1
getshopped	wp_e-commerce	3.7.2
getshopped	wp_e-commerce	3.7.3
getshopped	wp_e-commerce	3.7.4
getshopped	wp_e-commerce	3.7.5
getshopped	wp_e-commerce	3.7.5:beta1
getshopped	wp_e-commerce	3.7.5:beta2
getshopped	wp_e-commerce	3.7.5:rc1
getshopped	wp_e-commerce	3.7.5:rc2
getshopped	wp_e-commerce	3.7.5:rc3
getshopped	wp_e-commerce	3.7.5:rc4
getshopped	wp_e-commerce	3.7.5.1
getshopped	wp_e-commerce	3.7.5.1:beta
getshopped	wp_e-commerce	3.7.5.2
getshopped	wp_e-commerce	3.7.5.3
getshopped	wp_e-commerce	3.7.6
getshopped	wp_e-commerce	3.7.6:rc1
getshopped	wp_e-commerce	3.7.6:rc2
getshopped	wp_e-commerce	3.7.6:rc3
getshopped	wp_e-commerce	3.7.6:rc4
getshopped	wp_e-commerce	3.7.6.1
getshopped	wp_e-commerce	3.7.6.2
getshopped	wp_e-commerce	3.7.6.3
getshopped	wp_e-commerce	3.7.6.4
getshopped	wp_e-commerce	3.7.6.5
getshopped	wp_e-commerce	3.7.6.6
getshopped	wp_e-commerce	3.7.6.7
getshopped	wp_e-commerce	3.7.6.9
getshopped	wp_e-commerce	3.7.7
getshopped	wp_e-commerce	3.7.8
getshopped	wp_e-commerce	3.7.8.1
getshopped	wp_e-commerce	3.7.8.2
getshopped	wp_e-commerce	3.7.8.3
getshopped	wp_e-commerce	3.8
getshopped	wp_e-commerce	3.8:beta1
getshopped	wp_e-commerce	3.8:beta2
getshopped	wp_e-commerce	3.8:beta3
getshopped	wp_e-commerce	3.8:rc1
getshopped	wp_e-commerce	3.8:rc2
getshopped	wp_e-commerce	3.8:rc3
getshopped	wp_e-commerce	3.8:rc4
getshopped	wp_e-commerce	3.8.1
getshopped	wp_e-commerce	3.8.2
getshopped	wp_e-commerce	3.8.3
getshopped	wp_e-commerce	3.8.4
getshopped	wp_e-commerce	3.8.5
getshopped	wp_e-commerce	3.8.6
getshopped	wp_e-commerce	3.8.6.1
getshopped	wp_e-commerce	3.8.7

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://osvdb.org/77249

http://plugins.trac.wordpress.org/changeset?reponame=&new=463447%40wp-e-commerce&old=463446%40wp-e-commerce

http://secunia.com/advisories/46957

http://wordpress.org/extend/plugins/wp-e-commerce/changelog/

http://www.securityfocus.com/bid/50757

https://exchange.xforce.ibmcloud.com/vulnerabilities/71443

http://osvdb.org/77249

http://plugins.trac.wordpress.org/changeset?reponame=&new=463447%40wp-e-commerce&old=463446%40wp-e-commerce

http://secunia.com/advisories/46957

http://wordpress.org/extend/plugins/wp-e-commerce/changelog/

http://www.securityfocus.com/bid/50757

https://exchange.xforce.ibmcloud.com/vulnerabilities/71443