ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause.
References
Link | Resource |
---|---|
https://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-04-25T00:00:00
Updated: 2023-04-25T00:00:00
Reserved: 2012-11-15T00:00:00
Link: CVE-2012-5872
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-04-26T00:15:08.857
Modified: 2023-05-05T17:29:16.587
Link: CVE-2012-5872
JSON object: View
Redhat Information
No data.
CWE