Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Apr 12, 2013· Updated Apr 29, 2026

CVE-2013-3050

CVE-2013-3050

Description

SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product.

Affected products

3

Zapms/Zapms3 versions
cpe:2.3:a:zapms:zapms:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:zapms:zapms:*:*:*:*:*:*:*:*range: <=1.41
- cpe:2.3:a:zapms:zapms:1.33:*:*:*:*:*:*:*
- cpe:2.3:a:zapms:zapms:1.40:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

packetstormsecurity.com/files/121202/ZAPms-1.41-SQL-Injection.htmlnvdExploit
www.exploit-db.com/exploits/24942nvdExploit
www.securityfocus.com/bid/58960nvdExploit
secunia.com/advisories/52946nvdVendor Advisory
osvdb.org/92236nvd
www.zapms.de/open_source_cms_ennvd
exchange.xforce.ibmcloud.com/vulnerabilities/83313nvd

News mentions

0

No linked articles in our index yet.