CVE-2011-3340

Atcom Netvolution - SQL Injection

Title source: rule
STIX 2.1

Description

SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Patroklos Argyroudis · textwebappsphp
https://www.exploit-db.com/exploits/36200

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/519984/100/0/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/46255

Scores

EPSS 0.0091
EPSS Percentile 75.8%

Details

CWE
CWE-89
Status published
Products (1)
atcom/netvolution 2.5.6
Published Oct 21, 2011
Tracked Since Feb 18, 2026