CVE-2011-5235

SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
mnogosearchmnogosearch
𝑥
≤ 3.3.11
mnogosearchmnogosearch
3.1.19
mnogosearchmnogosearch
3.1.20
mnogosearchmnogosearch
3.2.10
mnogosearchmnogosearch
3.2.13
mnogosearchmnogosearch
3.2.14
mnogosearchmnogosearch
3.2.15
mnogosearchmnogosearch
3.2.16
mnogosearchmnogosearch
3.2.17
mnogosearchmnogosearch
3.2.18
mnogosearchmnogosearch
3.2.19
mnogosearchmnogosearch
3.2.20
mnogosearchmnogosearch
3.2.21
mnogosearchmnogosearch
3.2.22
mnogosearchmnogosearch
3.2.23
mnogosearchmnogosearch
3.2.24
mnogosearchmnogosearch
3.2.25
mnogosearchmnogosearch
3.2.26
mnogosearchmnogosearch
3.2.42
mnogosearchmnogosearch
3.3.0
mnogosearchmnogosearch
3.3.1
mnogosearchmnogosearch
3.3.2
mnogosearchmnogosearch
3.3.3
mnogosearchmnogosearch
3.3.4
mnogosearchmnogosearch
3.3.5
mnogosearchmnogosearch
3.3.6
mnogosearchmnogosearch
3.3.7
mnogosearchmnogosearch
3.3.8
mnogosearchmnogosearch
3.3.9
mnogosearchmnogosearch
3.3.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/47272
http://www.mnogosearch.org/doc33/msearch-changelog.html#changelog-3-3-12
http://www.osvdb.org/77949
http://www.securityfocus.com/bid/51113
https://exchange.xforce.ibmcloud.com/vulnerabilities/71884
http://secunia.com/advisories/47272
http://www.mnogosearch.org/doc33/msearch-changelog.html#changelog-3-3-12
http://www.osvdb.org/77949
http://www.securityfocus.com/bid/51113
https://exchange.xforce.ibmcloud.com/vulnerabilities/71884