NVD

Id
24823  
Name
CVE-2015-2843  
Description
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_credentials/admin/ or (4) index.php/go_site/go_get_user_info/.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-05-12  
Modified Date
2016-12-02  
Seq
2015-2843  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
131082 24823 CVE-2015-2843 http://goautodial.org/news/21  View
131083 24823 CVE-2015-2843 http://packetstormsecurity.com/files/131543/GoAutoDial-SQL-Injection-Command-Execution-File-Upload.html  View
131084 24823 CVE-2015-2843 20150421 GoAutoDial 3.3 multiple vulnerabilities  View
131085 24823 CVE-2015-2843 74281  View
131086 24823 CVE-2015-2843 36807  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
7362 JVNDB-2015-002682 GoAutoDial GoAdmin CE における SQL インジェクションの脆弱性 GoAutoDial GoAdmin CE には、SQL インジェクションの脆弱性が存在します。 CVE-2015-2843 80068 CVE-2015-2843 24823 7.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002682.html 2015-01-27 2015-05-18 View