CVE-2015-4713 — MEDIUM (6.5)

Vulnerability Description

SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php.

CVSS Score

6.5

MEDIUM

AV:N/AC:L/Au:S/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Apphp	Hotel Site	3.0.9

Related Weaknesses (CWE)

CWE-89

References

http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-InjectionExploit
http://www.securityfocus.com/bid/75390
http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-InjectionExploit
http://www.securityfocus.com/bid/75390

FAQ

What is CVE-2015-4713?

CVE-2015-4713 is a vulnerability with a CVSS score of 6.5 (MEDIUM). SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php.

How severe is CVE-2015-4713?

CVE-2015-4713 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4713?

Check the references section above for vendor advisories and patch information. Affected products include: Apphp Hotel Site.