VDB

GCVE-110-CERTCC-2013-217836

GCVE-110-CERTCC-2013-217836
Advisory PublishedCVSS 6.5/10
Vulnetix · Advisory published July 12, 2013
The Wave EMBASSY Remote Administration Server (ERAS) contains the ERAS Help Desk application that fails to filter user input allowing for the exploitation of SQL injection vulnerabilities. These vulnerabilities may allow a remote authenticated attacker to execute procedures or SQL queries and updates on the vulnerable database application as well as command execution on the target server.

Risk Scores

CVSS 2.0
6.5/10
Medium · AV:N/AC:L/Au:S/C:P/I:P/A:P
certcc-cam
certcc-cam
impact0population0exploitation0widely_known0score_current0ease_of_exploitation0
certcc-vrda
certcc-vrda
d1_impact2d1_population1d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score5.1remediation_levelOFreport_confidenceCenvironmental_score1.27683519756581target_distributionLenvironmental_vectorCDP:ND/TD:L/CR:ND/IR:ND/AR:ND

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›