Search

Find a vulnerability

Search criteria

    10 vulnerabilities by Binny V A

    CVE-2017-1002022 (GCVE-0-2017-1002022)

    Vulnerability from nvd – Published: 2017-09-14 13:00 – Updated: 2024-08-05 22:00
    VLAI
    Summary
    Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A surveys Affected: unspecified , < 1.01.8 (custom)
    Create a notification for this product.
    Date Public
    2017-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.645Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/8833"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=193"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/surveys/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "surveys",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.01.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "datePublic": "2017-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/8833"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=193"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/surveys/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002022",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "surveys",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.01.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpvulndb.com/vulnerabilities/8833",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/8833"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=193",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=193"
                },
                {
                  "name": "https://wordpress.org/plugins/surveys/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/surveys/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002022",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:00:41.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002021 (GCVE-0-2017-1002021)

    Vulnerability from nvd – Published: 2017-09-14 13:00 – Updated: 2024-08-05 22:00
    VLAI
    Summary
    Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A surveys Affected: unspecified , < 1.01.8 (custom)
    Create a notification for this product.
    Date Public
    2017-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/8833"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=193"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/surveys/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "surveys",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.01.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "datePublic": "2017-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/8833"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=193"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/surveys/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002021",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "surveys",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.01.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpvulndb.com/vulnerabilities/8833",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/8833"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=193",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=193"
                },
                {
                  "name": "https://wordpress.org/plugins/surveys/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/surveys/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002021",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:00:41.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002020 (GCVE-0-2017-1002020)

    Vulnerability from nvd – Published: 2017-09-14 13:00 – Updated: 2024-08-05 22:00
    VLAI
    Summary
    Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A surveys Affected: unspecified , < 1.01.8 (custom)
    Create a notification for this product.
    Date Public
    2017-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.629Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/8833"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=193"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/surveys/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "surveys",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.01.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "datePublic": "2017-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/8833"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=193"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/surveys/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002020",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "surveys",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.01.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpvulndb.com/vulnerabilities/8833",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/8833"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=193",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=193"
                },
                {
                  "name": "https://wordpress.org/plugins/surveys/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/surveys/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002020",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:00:41.629Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002019 (GCVE-0-2017-1002019)

    Vulnerability from nvd – Published: 2017-09-14 13:00 – Updated: 2024-09-16 20:32
    VLAI
    Summary
    Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A eventr Affected: unspecified , < 1.02.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/eventr/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=192"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eventr",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.02.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-14T13:00:00.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/eventr/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=192"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002019",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eventr",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.02.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/eventr/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/eventr/"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=192",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=192"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002019",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:32:31.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002018 (GCVE-0-2017-1002018)

    Vulnerability from nvd – Published: 2017-09-14 13:00 – Updated: 2024-09-16 23:56
    VLAI
    Summary
    Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A eventr Affected: unspecified , < 1.02.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.669Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/eventr/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=192"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eventr",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.02.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-14T13:00:00.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/eventr/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=192"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002018",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eventr",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.02.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/eventr/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/eventr/"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=192",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=192"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002018",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:56:37.044Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002021 (GCVE-0-2017-1002021)

    Vulnerability from cvelistv5 – Published: 2017-09-14 13:00 – Updated: 2024-08-05 22:00
    VLAI
    Summary
    Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A surveys Affected: unspecified , < 1.01.8 (custom)
    Create a notification for this product.
    Date Public
    2017-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/8833"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=193"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/surveys/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "surveys",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.01.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "datePublic": "2017-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/8833"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=193"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/surveys/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002021",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "surveys",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.01.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpvulndb.com/vulnerabilities/8833",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/8833"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=193",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=193"
                },
                {
                  "name": "https://wordpress.org/plugins/surveys/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/surveys/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002021",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:00:41.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002020 (GCVE-0-2017-1002020)

    Vulnerability from cvelistv5 – Published: 2017-09-14 13:00 – Updated: 2024-08-05 22:00
    VLAI
    Summary
    Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A surveys Affected: unspecified , < 1.01.8 (custom)
    Create a notification for this product.
    Date Public
    2017-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.629Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/8833"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=193"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/surveys/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "surveys",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.01.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "datePublic": "2017-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/8833"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=193"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/surveys/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002020",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "surveys",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.01.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpvulndb.com/vulnerabilities/8833",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/8833"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=193",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=193"
                },
                {
                  "name": "https://wordpress.org/plugins/surveys/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/surveys/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002020",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:00:41.629Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002022 (GCVE-0-2017-1002022)

    Vulnerability from cvelistv5 – Published: 2017-09-14 13:00 – Updated: 2024-08-05 22:00
    VLAI
    Summary
    Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A surveys Affected: unspecified , < 1.01.8 (custom)
    Create a notification for this product.
    Date Public
    2017-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.645Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/8833"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=193"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/surveys/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "surveys",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.01.8",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "datePublic": "2017-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/8833"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=193"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/surveys/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002022",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "surveys",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.01.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpvulndb.com/vulnerabilities/8833",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/8833"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=193",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=193"
                },
                {
                  "name": "https://wordpress.org/plugins/surveys/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/surveys/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002022",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:00:41.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002019 (GCVE-0-2017-1002019)

    Vulnerability from cvelistv5 – Published: 2017-09-14 13:00 – Updated: 2024-09-16 20:32
    VLAI
    Summary
    Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A eventr Affected: unspecified , < 1.02.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/eventr/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=192"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eventr",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.02.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-14T13:00:00.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/eventr/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=192"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002019",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eventr",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.02.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/eventr/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/eventr/"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=192",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=192"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002019",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:32:31.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1002018 (GCVE-0-2017-1002018)

    Vulnerability from cvelistv5 – Published: 2017-09-14 13:00 – Updated: 2024-09-16 23:56
    VLAI
    Summary
    Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
    Severity
    No CVSS data available.
    CWE
    • SQL Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Binny V A eventr Affected: unspecified , < 1.02.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.669Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/eventr/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vapidlabs.com/advisory.php?v=192"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eventr",
              "vendor": "Binny V A",
              "versions": [
                {
                  "lessThan": "1.02.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2017-05-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-14T13:00:00.000Z",
            "orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
            "shortName": "larry_cashdollar"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/eventr/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vapidlabs.com/advisory.php?v=192"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "larry0@me.com",
              "DATE_ASSIGNED": "2017-05-21",
              "ID": "CVE-2017-1002018",
              "REQUESTER": "kurt@seifried.org",
              "STATE": "PUBLIC",
              "UPDATED": "2017-08-10T14:41Z"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eventr",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.02.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Binny V A"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/eventr/",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/eventr/"
                },
                {
                  "name": "http://www.vapidlabs.com/advisory.php?v=192",
                  "refsource": "MISC",
                  "url": "http://www.vapidlabs.com/advisory.php?v=192"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
        "assignerShortName": "larry_cashdollar",
        "cveId": "CVE-2017-1002018",
        "datePublished": "2017-09-14T13:00:00.000Z",
        "dateReserved": "2017-09-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:56:37.044Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }