MidnightBSD

Advisories for hitcode

CVE-2011-5038 HIGH

SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
hitcode hitappoint 4.1.3
hitcode hitappoint 4.4.7
hitcode hitappoint 4.5.11
hitcode hitappoint 4.5.12
hitcode hitappoint 4.2.3
hitcode hitappoint 4.4.2
hitcode hitappoint 4.5.3
hitcode hitappoint 4.1.4
hitcode hitappoint 4.2.5
hitcode hitappoint 4.5.10
hitcode hitappoint 4.4.1
hitcode hitappoint 4.5.4
hitcode hitappoint 4.0.9
hitcode hitappoint 4.1.2
hitcode hitappoint 4.4.3
hitcode hitappoint 4.0.16
hitcode hitappoint 4.2.2
hitcode hitappoint 4.4.5
hitcode hitappoint 4.5.8
hitcode hitappoint 4.5.5
hitcode hitappoint 4.5.13
hitcode hitappoint 4.5.16
hitcode hitappoint 4.0.10
hitcode hitappoint 4.4.6
hitcode hitappoint 4.2.6
hitcode hitappoint 4.5.15
hitcode hitappoint 4.0.13
hitcode hitappoint 4.3.1
hitcode hitappoint 4.0.14
hitcode hitappoint 4.0.17
hitcode hitappoint *
hitcode hitappoint 4.3.3
hitcode hitappoint 4.2.4
hitcode hitappoint 4.3.4
hitcode hitappoint 4.5.7
hitcode hitappoint 4.3.2
hitcode hitappoint 4.5.
hitcode hitappoint 4.2.1
hitcode hitappoint 4.0.12
hitcode hitappoint 4.4.4
hitcode hitappoint 4.1.0
hitcode hitappoint 4.5.14
hitcode hitappoint 4.0.15
hitcode hitappoint 4.2.0
hitcode hitappoint 4.5.2
hitcode hitappoint 4.4.8
hitcode hitappoint 4.5.6
hitcode hitappoint 4.0.11
hitcode hitappoint 4.5.1
hitcode hitappoint 4.3.5
hitcode hitappoint 4.4.9
hitcode hitappoint 4.0
hitcode hitappoint 4.3.0
hitcode hitappoint 4.5.9
hitcode hitappoint 4.1.1
hitcode hitappoint 4.4.0
hitcode hitappoint 4.4.10