Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2015-7319
StatusCandidate
DescriptionSQL injection vulnerability in cpabc_appointments_admin_int_calendar_list.inc.php in the Appointment Booking Calendar plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to updating the username.
Severity
High
CVSS score7,5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
PhaseAssigned (22.09.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7319
ReferencesBUGTRAQ : 20150926 CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin
 CONFIRM : https://wordpress.org/plugins/appointment-booking-...
SecurityVulns:Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod