Published: 31/03/2012 Updated: 13/12/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

admin/index.php in PHP Grade Book prior to 1.9.5 BETA allows remote malicious users to read the database via a SaveSQL action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpgradebook php grade book
phpgradebook php grade book 1.9.3

'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670) Mark Stanislav - markstanislav@gmailcom I DESCRIPTION --------------------------------------- A vulnerability exists in admin/indexphp that allows for an unauthenticated user to export the entire application database by accessing the 'Database Backup' method without restrict ...

PHP Grade Book version 194 suffers from an unauthenticated SQL database export vulnerability ...

CWE-200 http://www.exploit-db.com/exploits/18647/http://downloads.sourceforge.net/project/php-gradebook/phpGradeBook%20-%20BETA/1.9.5/phpGradeBook1.9.5.zip http://secunia.com/advisories/48524 http://archives.neohapsis.com/archives/bugtraq/2012-03/0115.html https://exchange.xforce.ibmcloud.com/vulnerabilities/74292 http://osvdb.org/80311 http://www.securityfocus.com/bid/52686 https://nvd.nist.gov https://www.exploit-db.com/exploits/18647/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1670

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect