Vulnerabilities > Bestpractical > RT > 2.0.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-06-04 | CVE-2011-4460 | SQL Injection vulnerability in Bestpractical RT SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account. | 6.5 |
2011-04-22 | CVE-2011-1689 | Cross-Site Scripting vulnerability in Bestpractical RT Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-04-22 | CVE-2011-1686 | SQL Injection vulnerability in Bestpractical RT Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data. | 6.5 |