Vulnerabilites related to civicrm - civicrm
cve-2020-36389
Vulnerability from cvelistv5
Published
2021-06-17 00:00
Modified
2024-08-04 17:23
Severity ?
EPSS score ?
Summary
In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form"
},
{
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-36389",
"datePublished": "2021-06-17T00:00:00",
"dateReserved": "2021-06-17T00:00:00",
"dateUpdated": "2024-08-04T17:23:10.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-5239
Vulnerability from cvelistv5
Published
2012-11-06 11:00
Modified
2024-09-17 03:58
Severity ?
EPSS score ?
Summary
CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.unrest.ca/peerjacking | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.unrest.ca/peerjacking"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-06T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.unrest.ca/peerjacking"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.unrest.ca/peerjacking",
"refsource": "MISC",
"url": "http://www.unrest.ca/peerjacking"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5239",
"datePublished": "2012-11-06T11:00:00Z",
"dateReserved": "2012-11-06T00:00:00Z",
"dateUpdated": "2024-09-17T03:58:59.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5957
Vulnerability from cvelistv5
Published
2013-11-27 18:00
Modified
2024-08-06 17:29
Severity ?
EPSS score ?
Summary
Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:41.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.navixia.com/blog/entry/navixia-finds-critical-vulnerability-in-civicrm-cve-2013-5957.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.navixia.com/company/navixia-news/395-navixia-finds-critical-vulnerability-in-civicrm.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/civicrm/civicrm-core/pull/1708.diff"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-009-sql-injection-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-01T17:26:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.navixia.com/blog/entry/navixia-finds-critical-vulnerability-in-civicrm-cve-2013-5957.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.navixia.com/company/navixia-news/395-navixia-finds-critical-vulnerability-in-civicrm.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/civicrm/civicrm-core/pull/1708.diff"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-009-sql-injection-vulnerability"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.navixia.com/blog/entry/navixia-finds-critical-vulnerability-in-civicrm-cve-2013-5957.html",
"refsource": "MISC",
"url": "https://www.navixia.com/blog/entry/navixia-finds-critical-vulnerability-in-civicrm-cve-2013-5957.html"
},
{
"name": "https://www.navixia.com/company/navixia-news/395-navixia-finds-critical-vulnerability-in-civicrm.html",
"refsource": "MISC",
"url": "https://www.navixia.com/company/navixia-news/395-navixia-finds-critical-vulnerability-in-civicrm.html"
},
{
"name": "https://github.com/civicrm/civicrm-core/pull/1708.diff",
"refsource": "CONFIRM",
"url": "https://github.com/civicrm/civicrm-core/pull/1708.diff"
},
{
"name": "https://civicrm.org/advisory/civi-sa-2013-009-sql-injection-vulnerability",
"refsource": "CONFIRM",
"url": "https://civicrm.org/advisory/civi-sa-2013-009-sql-injection-vulnerability"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5957",
"datePublished": "2013-11-27T18:00:00",
"dateReserved": "2013-09-27T00:00:00",
"dateUpdated": "2024-08-06T17:29:41.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1636
Vulnerability from cvelistv5
Published
2014-03-12 14:00
Modified
2024-08-06 15:13
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://wordpress.org/plugins/pretty-link/changelog | x_refsource_MISC | |
| http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html | x_refsource_MISC | |
| https://civicrm.org/advisory/civi-sa-2013-002-openflashchart-xss | x_refsource_CONFIRM | |
| http://archives.neohapsis.com/archives/bugtraq/2013-02/0101.html | mailing-list, x_refsource_BUGTRAQ | |
| http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html | x_refsource_MISC | |
| http://osvdb.org/90435 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/82242 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:13:31.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://wordpress.org/plugins/pretty-link/changelog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-002-openflashchart-xss"
},
{
"name": "20130220 [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF\u0026#8207;",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0101.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html"
},
{
"name": "90435",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/90435"
},
{
"name": "prettylinklite-openflashchart-xss(82242)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://wordpress.org/plugins/pretty-link/changelog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-002-openflashchart-xss"
},
{
"name": "20130220 [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF\u0026#8207;",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0101.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html"
},
{
"name": "90435",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/90435"
},
{
"name": "prettylinklite-openflashchart-xss(82242)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82242"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1636",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wordpress.org/plugins/pretty-link/changelog",
"refsource": "MISC",
"url": "http://wordpress.org/plugins/pretty-link/changelog"
},
{
"name": "http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html"
},
{
"name": "https://civicrm.org/advisory/civi-sa-2013-002-openflashchart-xss",
"refsource": "CONFIRM",
"url": "https://civicrm.org/advisory/civi-sa-2013-002-openflashchart-xss"
},
{
"name": "20130220 [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF\u0026#8207;",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0101.html"
},
{
"name": "http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html"
},
{
"name": "90435",
"refsource": "OSVDB",
"url": "http://osvdb.org/90435"
},
{
"name": "prettylinklite-openflashchart-xss(82242)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82242"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1636",
"datePublished": "2014-03-12T14:00:00",
"dateReserved": "2013-02-07T00:00:00",
"dateUpdated": "2024-08-06T15:13:31.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4661
Vulnerability from cvelistv5
Published
2014-01-29 18:00
Modified
2024-08-06 16:52
Severity ?
EPSS score ?
Summary
CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly enforce role-based access control (RBAC) restrictions for default custom searches, which allows remote authenticated users with the "access CiviCRM" permission to bypass intended access restrictions, as demonstrated by accessing custom contribution data without having the "access CiviContribute" permission.
References
| ▼ | URL | Tags |
|---|---|---|
| http://issues.civicrm.org/jira/browse/CRM-12747 | x_refsource_CONFIRM | |
| http://civicrm.org/advisory/civi-sa-2013-003 | x_refsource_CONFIRM | |
| http://civicrm.org/advisory/civi-sa-2013-003-custom-search-permissions | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:26.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.civicrm.org/jira/browse/CRM-12747"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003-custom-search-permissions"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly enforce role-based access control (RBAC) restrictions for default custom searches, which allows remote authenticated users with the \"access CiviCRM\" permission to bypass intended access restrictions, as demonstrated by accessing custom contribution data without having the \"access CiviContribute\" permission."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-29T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.civicrm.org/jira/browse/CRM-12747"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003-custom-search-permissions"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly enforce role-based access control (RBAC) restrictions for default custom searches, which allows remote authenticated users with the \"access CiviCRM\" permission to bypass intended access restrictions, as demonstrated by accessing custom contribution data without having the \"access CiviContribute\" permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://issues.civicrm.org/jira/browse/CRM-12747",
"refsource": "CONFIRM",
"url": "http://issues.civicrm.org/jira/browse/CRM-12747"
},
{
"name": "http://civicrm.org/advisory/civi-sa-2013-003",
"refsource": "CONFIRM",
"url": "http://civicrm.org/advisory/civi-sa-2013-003"
},
{
"name": "http://civicrm.org/advisory/civi-sa-2013-003-custom-search-permissions",
"refsource": "CONFIRM",
"url": "http://civicrm.org/advisory/civi-sa-2013-003-custom-search-permissions"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4661",
"datePublished": "2014-01-29T18:00:00",
"dateReserved": "2013-06-24T00:00:00",
"dateUpdated": "2024-08-06T16:52:26.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-25440
Vulnerability from cvelistv5
Published
2023-05-23 00:00
Modified
2025-01-31 13:49
Severity ?
EPSS score ?
Summary
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:18:36.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://civicrm.org/"
},
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25440",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T15:23:46.968939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T13:49:50.574Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-23T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://civicrm.org/"
},
{
"url": "https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-25440",
"datePublished": "2023-05-23T00:00:00.000Z",
"dateReserved": "2023-02-06T00:00:00.000Z",
"dateUpdated": "2025-01-31T13:49:50.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4662
Vulnerability from cvelistv5
Published
2014-01-29 18:00
Modified
2024-08-06 16:52
Severity ?
EPSS score ?
Summary
The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the "second layer" of the API, related to contact.getquick.
References
| ▼ | URL | Tags |
|---|---|---|
| https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api | x_refsource_CONFIRM | |
| http://issues.civicrm.org/jira/browse/CRM-12765 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:26.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.civicrm.org/jira/browse/CRM-12765"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the \"second layer\" of the API, related to contact.getquick."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-29T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.civicrm.org/jira/browse/CRM-12765"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the \"second layer\" of the API, related to contact.getquick."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api",
"refsource": "CONFIRM",
"url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"
},
{
"name": "http://issues.civicrm.org/jira/browse/CRM-12765",
"refsource": "CONFIRM",
"url": "http://issues.civicrm.org/jira/browse/CRM-12765"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4662",
"datePublished": "2014-01-29T18:00:00",
"dateReserved": "2013-06-24T00:00:00",
"dateUpdated": "2024-08-06T16:52:26.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1999022
Vulnerability from cvelistv5
Published
2018-07-23 16:00
Modified
2024-09-16 16:38
Severity ?
EPSS score ?
Summary
PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's _setOptions method, HTML_QuickForm_element's _findValue method, HTML_QuickForm_element's _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//&mode=live. This vulnerability appears to have been fixed in 3.2.15.
References
| ▼ | URL | Tags |
|---|---|---|
| https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform | x_refsource_CONFIRM | |
| http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-07-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm\u0027s getSubmitValue method, HTML_QuickForm\u0027s validate method, HTML_QuickForm_hierselect\u0027s _setOptions method, HTML_QuickForm_element\u0027s _findValue method, HTML_QuickForm_element\u0027s _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//\u0026mode=live. This vulnerability appears to have been fixed in 3.2.15."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-23T16:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-07-22T01:05:34.777936",
"DATE_REQUESTED": "2018-07-19T23:25:02",
"ID": "CVE-2018-1999022",
"REQUESTER": "pear-group@php.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm\u0027s getSubmitValue method, HTML_QuickForm\u0027s validate method, HTML_QuickForm_hierselect\u0027s _setOptions method, HTML_QuickForm_element\u0027s _findValue method, HTML_QuickForm_element\u0027s _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//\u0026mode=live. This vulnerability appears to have been fixed in 3.2.15."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform",
"refsource": "CONFIRM",
"url": "https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform"
},
{
"name": "http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/",
"refsource": "CONFIRM",
"url": "http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1999022",
"datePublished": "2018-07-23T16:00:00Z",
"dateReserved": "2018-07-23T00:00:00Z",
"dateUpdated": "2024-09-16T16:38:06.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-36388
Vulnerability from cvelistv5
Published
2021-06-17 00:00
Modified
2024-08-04 17:23
Severity ?
EPSS score ?
Summary
In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://civicrm.org/advisory/civi-sa-2020-03"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://civicrm.org/advisory/civi-sa-2020-03"
},
{
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-36388",
"datePublished": "2021-06-17T00:00:00",
"dateReserved": "2021-06-17T00:00:00",
"dateUpdated": "2024-08-04T17:23:10.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-11-06 12:21
Modified
2024-11-21 01:33
Severity ?
Summary
CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2119DA-2E27-4FA5-9C7D-698A3E9A524A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888273E2-F272-4445-985F-CB9C6F02716B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
},
{
"lang": "es",
"value": "CiviCRM v4.0.5 y v4.1.1 no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de un certificado v\u00e1lido arbitrario."
}
],
"id": "CVE-2011-5239",
"lastModified": "2024-11-21T01:33:57.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-06T12:21:26.930",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.unrest.ca/peerjacking"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.unrest.ca/peerjacking"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-17 19:15
Modified
2024-11-21 05:29
Severity ?
Summary
In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://civicrm.org/advisory/civi-sa-2020-03 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://civicrm.org/advisory/civi-sa-2020-03 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02BA788A-BED3-48F9-ABD9-23B485885D21",
"versionEndExcluding": "5.21.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67868FBE-EF41-40E1-9DE8-7AB943AD4996",
"versionEndExcluding": "5.24.3",
"versionStartIncluding": "5.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive."
},
{
"lang": "es",
"value": "En CiviCRM versiones anteriores a 5.21.3 y versiones 5.22.x hasta 5.24.x y versiones anteriores a 5.24.3, unos usuarios pueden ser capaces de cargar y ejecutar un archivo PHAR dise\u00f1ado"
}
],
"id": "CVE-2020-36388",
"lastModified": "2024-11-21T05:29:23.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-17T19:15:07.793",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2020-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2020-03"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-17 19:15
Modified
2024-11-21 05:29
Severity ?
Summary
In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:*:*:*:*:extended_security_release:*:*:*",
"matchCriteriaId": "97BD5890-7AF5-4E87-974D-DDF246D1ADB8",
"versionEndExcluding": "5.27.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:*:*:*:*:-:*:*:*",
"matchCriteriaId": "9E5D19C9-9E2E-4137-9A03-13C37FDB0ECA",
"versionEndExcluding": "5.28.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF."
},
{
"lang": "es",
"value": "En CiviCRM versiones anteriores a 5.28.1 y CiviCRM ESR versiones anteriores a 5.27.5 ESR, el formulario de configuraci\u00f3n del CKEditor permite ataques de tipo CSRF"
}
],
"id": "CVE-2020-36389",
"lastModified": "2024-11-21T05:29:23.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-17T19:15:07.827",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-29 18:55
Modified
2024-11-21 01:56
Severity ?
Summary
CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly enforce role-based access control (RBAC) restrictions for default custom searches, which allows remote authenticated users with the "access CiviCRM" permission to bypass intended access restrictions, as demonstrated by accessing custom contribution data without having the "access CiviContribute" permission.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A508E1B8-C207-420D-A65E-13E86D9AD69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9F77B96-F9C6-47FA-8EE4-8234F4E9CBE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2219D96F-A324-4475-B16A-45B12ACA546F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A81EE56B-98F2-45A4-8B0D-FFB73E9AB3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0921A650-5991-41F0-85EF-357F056A42DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA79C88-0875-4476-8F11-61CB68741159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F3864872-77E6-4FF7-B7F5-164CF3BE1729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3638DA-03D0-4476-8A53-A726498A8C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "914CBD7A-81EF-44A0-BF3B-2C774F05E8D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0BBDD7-67A8-4D59-8323-120B2323148D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F075CAAA-A739-4E4E-8746-9A38ACDC927F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBAEA19-880B-4248-8560-764F1F332E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB3F24E-A5AC-4F84-B4C9-B4456896047B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B416BF5C-456F-48CD-BE01-25791E1646E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "185BD726-3C77-4685-ACEC-3CA48E3355AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21E55242-75DE-454D-AF69-983FCB36F6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF41F7A-4E8F-42E6-80A2-149BEEC02C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA943F0-52D0-4A4E-8FE0-BFC7D77E2DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB44B83-B47F-4956-B88E-0E2E4EAED0B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5A269277-35DD-4861-AC01-54857EBA986D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "68F2F7D5-96CF-42D2-B60F-427167ED3711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE914B7-8EB2-4C03-A903-06011AC064CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21943DD4-23F7-461F-AD05-3604170A82ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2197B0C7-A39B-4F56-B4E6-C72791558DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E743EA55-05A0-4027-ADD2-C152267D303B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8D034B46-E68C-4F58-8F60-719873ED4FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDFC8D-39EE-4842-BFAD-6F58FE91D08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D90C3D94-A671-4DDF-9EA9-2E566074C331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120AFFD9-0A07-454F-BA0E-BA15483FA67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DC97E96B-60C6-4E60-AFB1-0CF80E8374F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E77401-E9FB-4749-AC53-2FDCBFEEE735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D50DEDE-0270-444B-8305-4A6A40460A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "500B70AA-A2C7-4D09-A0C7-204D9AD7DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEF5DEB-7695-4F98-8BC9-42220C8AD84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "933C9C9F-8688-42CD-A2D1-905D75356741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "022E4D21-2495-4811-A5CB-E25109A5775C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "439DEFCA-A232-4C2D-AB74-99A39965B15A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5138B28C-EB4E-424F-9917-1E958BCF88FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D8E402-A368-4A18-9655-E137DAC3E847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF0E728-E3EB-46CC-80D2-8BE48095DF73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB4A1BA-9414-4953-BD13-5439020022C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A48C77-41A4-4991-A0A4-622BB0AE2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C58952C9-A419-43C1-8E3E-230DCFC3497A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B935BAA-681C-4E4C-A40E-65C3AD8EF17F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9D3805-A64D-4F33-847C-391225BD4EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0743EE73-C87F-4D3D-9542-2F640A99E630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2119DA-2E27-4FA5-9C7D-698A3E9A524A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C684AD9B-7BEE-410B-AA1F-C1C4C002BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888273E2-F272-4445-985F-CB9C6F02716B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F4746C-7656-43AD-B14B-66D72E9BA7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0AADD5-E0B7-4626-A35E-C37FD3A74306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E932CC-5C45-4E7A-A526-EA8F9E853F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "760B8B8D-E42E-410E-BFEC-A2B90BAA57FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8C5031-3ABA-4C0A-BFDE-DAA531D8E3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CBF12E-640F-4752-8F52-B5B3D4015FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A22C3AE-2E98-465C-B24C-725BEB99E943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21DDDCA1-78A1-4FFB-B180-7D0D20FE4FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5B0394-3C38-454F-BF55-82AADCDEBE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3D157E-9132-4EA9-A395-6E46C4C3C032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "33E5813B-160F-48B2-91B2-4599048028A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A767A-D530-479B-9E3B-6FB49FD0B8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8D80D5F9-B4D9-41C9-B157-3FE31B54EDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1647D812-6174-4613-B57B-8BEF5C3877C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "074C6767-AC29-4A80-8A51-16DD69BFEAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6A4EB0-3143-41AF-B4CF-26C736BEF2A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8BBCB1-99D0-4634-BAD6-495B9D040A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC01A92-9252-4184-B11A-39D077E761C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly enforce role-based access control (RBAC) restrictions for default custom searches, which allows remote authenticated users with the \"access CiviCRM\" permission to bypass intended access restrictions, as demonstrated by accessing custom contribution data without having the \"access CiviContribute\" permission."
},
{
"lang": "es",
"value": "CiviCRM v2.0.0 hasta v4.2.9 y v4.3.0 hasta v4.3.3 no aplica correctamente los requisitos de control de acceso basado en roles (RBAC) por defecto en b\u00fasquedas personalizadas, , lo que permite a usuarios remotos autenticados con el permiso \"access CiviCRM\", lo cual permite a atacantes sortear restricciones de acceso, como lo demuestra el acceso a los datos de cotizaci\u00f3n personalizada sin tener el permiso \"access CiviContribute\"."
}
],
"id": "CVE-2013-4661",
"lastModified": "2024-11-21T01:56:00.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-29T18:55:26.590",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003-custom-search-permissions"
},
{
"source": "cve@mitre.org",
"url": "http://issues.civicrm.org/jira/browse/CRM-12747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://civicrm.org/advisory/civi-sa-2013-003-custom-search-permissions"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://issues.civicrm.org/jira/browse/CRM-12747"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-23 01:15
Modified
2025-01-31 14:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://civicrm.org/ | Product | |
| cve@mitre.org | https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://civicrm.org/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html | Exploit, Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:5.59:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "B24A0275-F4FB-4208-BABF-DF1014B48830",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field."
}
],
"id": "CVE-2023-25440",
"lastModified": "2025-01-31T14:15:29.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-23T01:15:09.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://civicrm.org/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://civicrm.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-23 16:29
Modified
2024-11-21 03:57
Severity ?
Summary
PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's _setOptions method, HTML_QuickForm_element's _findValue method, HTML_QuickForm_element's _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//&mode=live. This vulnerability appears to have been fixed in 3.2.15.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| html_quickform_project | html_quickform | 3.2.14 | |
| civicrm | civicrm | * | |
| civicrm | civicrm | 5.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:html_quickform_project:html_quickform:3.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A4A7B7-8F09-4184-A79F-FE0F84317590",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4669FD-B258-4349-A36B-275C9341C245",
"versionEndIncluding": "4.6.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "318C73C8-B9B8-478C-8962-EE2883D97EF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm\u0027s getSubmitValue method, HTML_QuickForm\u0027s validate method, HTML_QuickForm_hierselect\u0027s _setOptions method, HTML_QuickForm_element\u0027s _findValue method, HTML_QuickForm_element\u0027s _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//\u0026mode=live. This vulnerability appears to have been fixed in 3.2.15."
},
{
"lang": "es",
"value": "PEAR HTML_QuickForm 3.2.14 contiene una vulnerabilidad de inyecci\u00f3n de eval (CWE-95) en el m\u00e9todo getSubmitValue de HTML_QuickForm el m\u00e9todo validate de HTML_QuickForm, el m\u00e9todo _setOptions de HTML_QuickForm_hierselect, el m\u00e9todo _findValue de HTML_QuickForm_element y en el m\u00e9todo _prepareValue de HTML_QuickForm_element que puede resultar en una posible divulgaci\u00f3n de informaci\u00f3n, un posible impacto en la integridad de los datos y en la ejecuci\u00f3n de c\u00f3digo arbitrario. Este ataque parece ser explotable empleando una cadena de consulta especialmente manipulada, por ejemplo: http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//mode=live. La vulnerabilidad parece haber sido solucionada en la versi\u00f3n 3.2.15."
}
],
"id": "CVE-2018-1999022",
"lastModified": "2024-11-21T03:57:04.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-23T16:29:00.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-12 14:55
Modified
2025-02-13 16:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caseproof:prettylinks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B2E67D-328E-464E-9515-11CCA4981683",
"versionEndIncluding": "1.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caseproof:prettylinks:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC8B0DD-82DA-4E41-A4B1-B3B80AF1C920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caseproof:prettylinks:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F7FED3-B2CC-45A3-B681-6C8CB4A49A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:joobi:com_jnews:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD0BA68-0C46-490D-A823-4FE036CE2A65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB2849E-075B-4527-BC0C-16F8995FEB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D90C3D94-A671-4DDF-9EA9-2E566074C331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120AFFD9-0A07-454F-BA0E-BA15483FA67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DC97E96B-60C6-4E60-AFB1-0CF80E8374F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E77401-E9FB-4749-AC53-2FDCBFEEE735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D50DEDE-0270-444B-8305-4A6A40460A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "500B70AA-A2C7-4D09-A0C7-204D9AD7DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEF5DEB-7695-4F98-8BC9-42220C8AD84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "933C9C9F-8688-42CD-A2D1-905D75356741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "022E4D21-2495-4811-A5CB-E25109A5775C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "439DEFCA-A232-4C2D-AB74-99A39965B15A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5138B28C-EB4E-424F-9917-1E958BCF88FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D8E402-A368-4A18-9655-E137DAC3E847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF0E728-E3EB-46CC-80D2-8BE48095DF73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB4A1BA-9414-4953-BD13-5439020022C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A48C77-41A4-4991-A0A4-622BB0AE2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C58952C9-A419-43C1-8E3E-230DCFC3497A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B935BAA-681C-4E4C-A40E-65C3AD8EF17F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9D3805-A64D-4F33-847C-391225BD4EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0743EE73-C87F-4D3D-9542-2F640A99E630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2119DA-2E27-4FA5-9C7D-698A3E9A524A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C684AD9B-7BEE-410B-AA1F-C1C4C002BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888273E2-F272-4445-985F-CB9C6F02716B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F4746C-7656-43AD-B14B-66D72E9BA7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0AADD5-E0B7-4626-A35E-C37FD3A74306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E932CC-5C45-4E7A-A526-EA8F9E853F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "760B8B8D-E42E-410E-BFEC-A2B90BAA57FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8C5031-3ABA-4C0A-BFDE-DAA531D8E3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CBF12E-640F-4752-8F52-B5B3D4015FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A22C3AE-2E98-465C-B24C-725BEB99E943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21DDDCA1-78A1-4FFB-B180-7D0D20FE4FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5B0394-3C38-454F-BF55-82AADCDEBE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3D157E-9132-4EA9-A395-6E46C4C3C032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "33E5813B-160F-48B2-91B2-4599048028A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A767A-D530-479B-9E3B-6FB49FD0B8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8D80D5F9-B4D9-41C9-B157-3FE31B54EDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1647D812-6174-4613-B57B-8BEF5C3877C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "074C6767-AC29-4A80-8A51-16DD69BFEAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6A4EB0-3143-41AF-B4CF-26C736BEF2A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8BBCB1-99D0-4634-BAD6-495B9D040A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC01A92-9252-4184-B11A-39D077E761C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en open-flash-chart.swf en Open Flash Chart (tambi\u00e9n conocido como Open-Flash Chart), utilizado en el plugin Pretty Link Lite anterior a 1.6.3 para WordPress, el componente 8.0.1 de JNews (com_jnews) para Joomla! y CiviCRM 3.1.0 hasta 4.2.9 y 4.3.0 hasta 4.3.3, permite a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s del par\u00e1metro get-data."
}
],
"id": "CVE-2013-1636",
"lastModified": "2025-02-13T16:03:03.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-03-12T14:55:26.600",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0101.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/90435"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"url": "http://wordpress.org/plugins/pretty-link/changelog"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-002-openflashchart-xss"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/90435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wordpress.org/plugins/pretty-link/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-002-openflashchart-xss"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82242"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-27 18:55
Modified
2024-11-21 01:58
Severity ?
Summary
Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| civicrm | civicrm | 4.4 | |
| civicrm | civicrm | 4.4 | |
| civicrm | civicrm | 4.4 | |
| civicrm | civicrm | 4.4 | |
| civicrm | civicrm | 4.4.0 | |
| civicrm | civicrm | 4.4.0 | |
| civicrm | civicrm | * | |
| civicrm | civicrm | 4.2.0 | |
| civicrm | civicrm | 4.2.1 | |
| civicrm | civicrm | 4.2.2 | |
| civicrm | civicrm | 4.2.4 | |
| civicrm | civicrm | 4.2.5 | |
| civicrm | civicrm | 4.2.6 | |
| civicrm | civicrm | 4.2.7 | |
| civicrm | civicrm | 4.2.8 | |
| civicrm | civicrm | 4.2.9 | |
| civicrm | civicrm | 4.2.10 | |
| civicrm | civicrm | 4.3.0 | |
| civicrm | civicrm | 4.3.1 | |
| civicrm | civicrm | 4.3.2 | |
| civicrm | civicrm | 4.3.3 | |
| civicrm | civicrm | 4.3.4 | |
| civicrm | civicrm | 4.3.5 | |
| civicrm | civicrm | 4.3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.4:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "DC81EF04-66EE-4B5B-9113-3BAA754825B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.4:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7B4582F6-350D-4550-80BC-B7C6D065D3F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.4:beta2:*:*:*:*:*:*",
"matchCriteriaId": "365D85CE-4A4F-4BA2-B256-E22D11A9665E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.4:beta3:*:*:*:*:*:*",
"matchCriteriaId": "E5F1D942-D54C-405B-94B4-035B207B5F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.4.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "FD736AFB-6EC3-4144-BCC1-A73B409A6D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.4.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "2E6E8F41-66D2-4C41-A318-B010A4F7CAAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45A50206-85B1-44F7-ABBC-C467F4D58345",
"versionEndIncluding": "4.2.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CBF12E-640F-4752-8F52-B5B3D4015FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A22C3AE-2E98-465C-B24C-725BEB99E943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21DDDCA1-78A1-4FFB-B180-7D0D20FE4FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5B0394-3C38-454F-BF55-82AADCDEBE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3D157E-9132-4EA9-A395-6E46C4C3C032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "33E5813B-160F-48B2-91B2-4599048028A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A767A-D530-479B-9E3B-6FB49FD0B8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8D80D5F9-B4D9-41C9-B157-3FE31B54EDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1647D812-6174-4613-B57B-8BEF5C3877C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0F02DA7A-8FA7-4518-896B-E3756F6C56E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "074C6767-AC29-4A80-8A51-16DD69BFEAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6A4EB0-3143-41AF-B4CF-26C736BEF2A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8BBCB1-99D0-4634-BAD6-495B9D040A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC01A92-9252-4184-B11A-39D077E761C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F03014FE-7086-4C5F-9630-4803720DC6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36468BF2-1E30-4479-8CA0-43F5943B25CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D991D4-5744-417A-B896-D14F666DCF5A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n de SQL en CRM/Core/Page/AJAX/Location.php de CiviCRM anterior a la versi\u00f3n 4.2.12, 4.3.x anterior a 4.3.7, y 4.4.x anterior a la versi\u00f3n 4.4.beta4 permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro _value a (1) ajax/jqState o (2) ajax/jqcounty."
}
],
"id": "CVE-2013-5957",
"lastModified": "2024-11-21T01:58:29.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-27T18:55:04.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-009-sql-injection-vulnerability"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/civicrm/civicrm-core/pull/1708.diff"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.navixia.com/blog/entry/navixia-finds-critical-vulnerability-in-civicrm-cve-2013-5957.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.navixia.com/company/navixia-news/395-navixia-finds-critical-vulnerability-in-civicrm.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-009-sql-injection-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/civicrm/civicrm-core/pull/1708.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.navixia.com/blog/entry/navixia-finds-critical-vulnerability-in-civicrm-cve-2013-5957.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.navixia.com/company/navixia-news/395-navixia-finds-critical-vulnerability-in-civicrm.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-29 18:55
Modified
2024-11-21 01:56
Severity ?
Summary
The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the "second layer" of the API, related to contact.getquick.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| civicrm | civicrm | 4.2.0 | |
| civicrm | civicrm | 4.2.1 | |
| civicrm | civicrm | 4.2.2 | |
| civicrm | civicrm | 4.2.4 | |
| civicrm | civicrm | 4.2.5 | |
| civicrm | civicrm | 4.2.6 | |
| civicrm | civicrm | 4.2.7 | |
| civicrm | civicrm | 4.2.8 | |
| civicrm | civicrm | 4.2.9 | |
| civicrm | civicrm | 4.3.0 | |
| civicrm | civicrm | 4.3.1 | |
| civicrm | civicrm | 4.3.2 | |
| civicrm | civicrm | 4.3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CBF12E-640F-4752-8F52-B5B3D4015FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A22C3AE-2E98-465C-B24C-725BEB99E943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21DDDCA1-78A1-4FFB-B180-7D0D20FE4FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5B0394-3C38-454F-BF55-82AADCDEBE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3D157E-9132-4EA9-A395-6E46C4C3C032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "33E5813B-160F-48B2-91B2-4599048028A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A767A-D530-479B-9E3B-6FB49FD0B8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8D80D5F9-B4D9-41C9-B157-3FE31B54EDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1647D812-6174-4613-B57B-8BEF5C3877C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "074C6767-AC29-4A80-8A51-16DD69BFEAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6A4EB0-3143-41AF-B4CF-26C736BEF2A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8BBCB1-99D0-4634-BAD6-495B9D040A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC01A92-9252-4184-B11A-39D077E761C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the \"second layer\" of the API, related to contact.getquick."
},
{
"lang": "es",
"value": "Quick Search API en CiviCRM 4.2.0 hasta la versi\u00f3n 4.2.9 y 4.3.0 hasta 4.3.3 permite a usuarios remotos autenticados evadir la capa de validaci\u00f3n y llevar a cabo ataques de inyecciones de SQL a trav\u00e9s de peticiones directas hacia una \"segunda capa\" de la API, relacionada con contact.getquick."
}
],
"id": "CVE-2013-4662",
"lastModified": "2024-11-21T01:56:00.967",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-29T18:55:26.637",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://issues.civicrm.org/jira/browse/CRM-12765"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://issues.civicrm.org/jira/browse/CRM-12765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}