Vulnerability CVE-2012-5701

Vulnerability CVE-2012-5701

Published: 2014-10-20

Description:

	Topic	Author	Date
Med.	dotProject 2.1.6 Cross Site Scripting & SQL Injection	High-Tech Bridge...	22.11.2012

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Affected software
Dotproject -> Dotproject

http://sourceforge.net/projects/dotproject/files/dotproject/dotProject%20Version%202.1.7/

https://www.htbridge.com/advisory/HTB23124

http://xforce.iss.net/xforce/xfdb/80223

http://www.securityfocus.com/bid/56624

http://packetstormsecurity.com/files/118274/dotProject-2.1.6-Cross-Site-Scripting-SQL-Injection.html

http://osvdb.org/87625