CVE-2011-1555

SQL injection vulnerability in saa.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.3 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter, a different vulnerability than CVE-2011-1546. NOTE: some of these details are obtained from third party information.

公开: 2011-04-04 最后更新: 2026-06-16 分配方: [email protected] 来源: [email protected]

结论预警: CVE-2011-1555 综合评估为中等风险(48.2/100):CVSS 技术影响为中级,利用概率(EPSS 1.01%) 强制指令: 梳理受影响资产并纳入修补计划。

风险随态势动态变化;本站持续评估并同步更新本页展示内容。

CVE-2011-1555 的 EPSS(利用预测评分)

EPSS 日更估计相对被利用可能性;百分位表示该 CVE 在已评分漏洞中的相对排名(越高表示相对更严重)。

# 日期 旧 EPSS 分数 新 EPSS 分数 变化(新 − 旧)
1 2026-06-15 0.39% 1.01% +0.62%
2 2025-03-17 0.13% 0.39% +0.26%
3 2024-09-17 0.13%

完整 EPSS 历史 (共 6 条)

CVE-2011-1555 的 CVSS 指标

该 CVE 的 CVSS 指标。

底座分 版本 严重度 向量 可利用性 影响 分数来源
6.8 2.0 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P 点击展开
访问路径 (AV:N)
只要路由可达,即可从远端发起利用。
访问复杂度 (AC:M)
需要若干有利条件,但不至于“千年一遇”。
认证 (AU:N)
全程无需有效身份。
机密性影响 (C:P)
机密性受到部分损害。
完整性影响 (I:P)
完整性受到部分损害。
可用性影响 (A:P)
可用性受到部分损害。
8.6 6.4 [email protected]

CVE-2011-1555 的弱点枚举

CVE-2011-1555 的影响软件 / 配置

厂商 产品 版本 原始 CPE
aphpkb aphpkb <= 0.95.3 cpe:2.3:a:aphpkb:aphpkb:*:*:*:*:*:*:*:*
aphpkb aphpkb 0.1 cpe:2.3:a:aphpkb:aphpkb:0.1:*:*:*:*:*:*:*
aphpkb aphpkb 0.2 cpe:2.3:a:aphpkb:aphpkb:0.2:*:*:*:*:*:*:*
aphpkb aphpkb 0.3 cpe:2.3:a:aphpkb:aphpkb:0.3:*:*:*:*:*:*:*
aphpkb aphpkb 0.4 cpe:2.3:a:aphpkb:aphpkb:0.4:*:*:*:*:*:*:*
aphpkb aphpkb 0.5 cpe:2.3:a:aphpkb:aphpkb:0.5:*:*:*:*:*:*:*
aphpkb aphpkb 0.6 cpe:2.3:a:aphpkb:aphpkb:0.6:*:*:*:*:*:*:*
aphpkb aphpkb 0.9 cpe:2.3:a:aphpkb:aphpkb:0.9:*:*:*:*:*:*:*
aphpkb aphpkb 0.21 cpe:2.3:a:aphpkb:aphpkb:0.21:*:*:*:*:*:*:*
aphpkb aphpkb 0.31 cpe:2.3:a:aphpkb:aphpkb:0.31:*:*:*:*:*:*:*
aphpkb aphpkb 0.33 cpe:2.3:a:aphpkb:aphpkb:0.33:*:*:*:*:*:*:*
aphpkb aphpkb 0.35 cpe:2.3:a:aphpkb:aphpkb:0.35:*:*:*:*:*:*:*
aphpkb aphpkb 0.38 cpe:2.3:a:aphpkb:aphpkb:0.38:*:*:*:*:*:*:*
aphpkb aphpkb 0.39 cpe:2.3:a:aphpkb:aphpkb:0.39:*:*:*:*:*:*:*
aphpkb aphpkb 0.41 cpe:2.3:a:aphpkb:aphpkb:0.41:*:*:*:*:*:*:*
aphpkb aphpkb 0.42 cpe:2.3:a:aphpkb:aphpkb:0.42:*:*:*:*:*:*:*
aphpkb aphpkb 0.43 cpe:2.3:a:aphpkb:aphpkb:0.43:*:*:*:*:*:*:*
aphpkb aphpkb 0.44 cpe:2.3:a:aphpkb:aphpkb:0.44:*:*:*:*:*:*:*
aphpkb aphpkb 0.45 cpe:2.3:a:aphpkb:aphpkb:0.45:*:*:*:*:*:*:*
aphpkb aphpkb 0.51 cpe:2.3:a:aphpkb:aphpkb:0.51:*:*:*:*:*:*:*
aphpkb aphpkb 0.52 cpe:2.3:a:aphpkb:aphpkb:0.52:*:*:*:*:*:*:*
aphpkb aphpkb 0.53 cpe:2.3:a:aphpkb:aphpkb:0.53:*:*:*:*:*:*:*
aphpkb aphpkb 0.54 cpe:2.3:a:aphpkb:aphpkb:0.54:*:*:*:*:*:*:*
aphpkb aphpkb 0.55 cpe:2.3:a:aphpkb:aphpkb:0.55:*:*:*:*:*:*:*
aphpkb aphpkb 0.56 cpe:2.3:a:aphpkb:aphpkb:0.56:*:*:*:*:*:*:*
aphpkb aphpkb 0.57 cpe:2.3:a:aphpkb:aphpkb:0.57:*:*:*:*:*:*:*
aphpkb aphpkb 0.58 cpe:2.3:a:aphpkb:aphpkb:0.58:*:*:*:*:*:*:*
aphpkb aphpkb 0.59 cpe:2.3:a:aphpkb:aphpkb:0.59:*:*:*:*:*:*:*
aphpkb aphpkb 0.61 cpe:2.3:a:aphpkb:aphpkb:0.61:*:*:*:*:*:*:*
aphpkb aphpkb 0.62 cpe:2.3:a:aphpkb:aphpkb:0.62:*:*:*:*:*:*:*
aphpkb aphpkb 0.63 cpe:2.3:a:aphpkb:aphpkb:0.63:*:*:*:*:*:*:*
aphpkb aphpkb 0.64 cpe:2.3:a:aphpkb:aphpkb:0.64:*:*:*:*:*:*:*
aphpkb aphpkb 0.65 cpe:2.3:a:aphpkb:aphpkb:0.65:*:*:*:*:*:*:*
aphpkb aphpkb 0.66 cpe:2.3:a:aphpkb:aphpkb:0.66:*:*:*:*:*:*:*
aphpkb aphpkb 0.67 cpe:2.3:a:aphpkb:aphpkb:0.67:*:*:*:*:*:*:*
aphpkb aphpkb 0.70 cpe:2.3:a:aphpkb:aphpkb:0.70:*:*:*:*:*:*:*
aphpkb aphpkb 0.71 cpe:2.3:a:aphpkb:aphpkb:0.71:*:*:*:*:*:*:*
aphpkb aphpkb 0.72 cpe:2.3:a:aphpkb:aphpkb:0.72:*:*:*:*:*:*:*
aphpkb aphpkb 0.73 cpe:2.3:a:aphpkb:aphpkb:0.73:*:*:*:*:*:*:*
aphpkb aphpkb 0.74 cpe:2.3:a:aphpkb:aphpkb:0.74:*:*:*:*:*:*:*
aphpkb aphpkb 0.75 cpe:2.3:a:aphpkb:aphpkb:0.75:*:*:*:*:*:*:*
aphpkb aphpkb 0.76 cpe:2.3:a:aphpkb:aphpkb:0.76:*:*:*:*:*:*:*
aphpkb aphpkb 0.77 cpe:2.3:a:aphpkb:aphpkb:0.77:*:*:*:*:*:*:*
aphpkb aphpkb 0.78 cpe:2.3:a:aphpkb:aphpkb:0.78:*:*:*:*:*:*:*
aphpkb aphpkb 0.79 cpe:2.3:a:aphpkb:aphpkb:0.79:*:*:*:*:*:*:*
aphpkb aphpkb 0.80 cpe:2.3:a:aphpkb:aphpkb:0.80:*:*:*:*:*:*:*
aphpkb aphpkb 0.81 cpe:2.3:a:aphpkb:aphpkb:0.81:*:*:*:*:*:*:*
aphpkb aphpkb 0.82 cpe:2.3:a:aphpkb:aphpkb:0.82:*:*:*:*:*:*:*
aphpkb aphpkb 0.83 cpe:2.3:a:aphpkb:aphpkb:0.83:*:*:*:*:*:*:*
aphpkb aphpkb 0.84 cpe:2.3:a:aphpkb:aphpkb:0.84:*:*:*:*:*:*:*
aphpkb aphpkb 0.85 cpe:2.3:a:aphpkb:aphpkb:0.85:*:*:*:*:*:*:*
aphpkb aphpkb 0.86 cpe:2.3:a:aphpkb:aphpkb:0.86:*:*:*:*:*:*:*
aphpkb aphpkb 0.87 cpe:2.3:a:aphpkb:aphpkb:0.87:*:*:*:*:*:*:*
aphpkb aphpkb 0.88 cpe:2.3:a:aphpkb:aphpkb:0.88:*:*:*:*:*:*:*
aphpkb aphpkb 0.88.5 cpe:2.3:a:aphpkb:aphpkb:0.88.5:*:*:*:*:*:*:*
aphpkb aphpkb 0.88.6 cpe:2.3:a:aphpkb:aphpkb:0.88.6:*:*:*:*:*:*:*
aphpkb aphpkb 0.88.7 cpe:2.3:a:aphpkb:aphpkb:0.88.7:*:*:*:*:*:*:*
aphpkb aphpkb 0.88.8 cpe:2.3:a:aphpkb:aphpkb:0.88.8:*:*:*:*:*:*:*
aphpkb aphpkb 0.89 cpe:2.3:a:aphpkb:aphpkb:0.89:*:*:*:*:*:*:*
aphpkb aphpkb 0.91 cpe:2.3:a:aphpkb:aphpkb:0.91:*:*:*:*:*:*:*
aphpkb aphpkb 0.92 cpe:2.3:a:aphpkb:aphpkb:0.92:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.1 cpe:2.3:a:aphpkb:aphpkb:0.92.1:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.2 cpe:2.3:a:aphpkb:aphpkb:0.92.2:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.3 cpe:2.3:a:aphpkb:aphpkb:0.92.3:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.4 cpe:2.3:a:aphpkb:aphpkb:0.92.4:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.5 cpe:2.3:a:aphpkb:aphpkb:0.92.5:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.6 cpe:2.3:a:aphpkb:aphpkb:0.92.6:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.7 cpe:2.3:a:aphpkb:aphpkb:0.92.7:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.8 cpe:2.3:a:aphpkb:aphpkb:0.92.8:*:*:*:*:*:*:*
aphpkb aphpkb 0.92.9 cpe:2.3:a:aphpkb:aphpkb:0.92.9:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.1 cpe:2.3:a:aphpkb:aphpkb:0.93.1:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.2 cpe:2.3:a:aphpkb:aphpkb:0.93.2:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.3 cpe:2.3:a:aphpkb:aphpkb:0.93.3:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.4 cpe:2.3:a:aphpkb:aphpkb:0.93.4:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.5 cpe:2.3:a:aphpkb:aphpkb:0.93.5:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.6 cpe:2.3:a:aphpkb:aphpkb:0.93.6:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.7 cpe:2.3:a:aphpkb:aphpkb:0.93.7:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.8 cpe:2.3:a:aphpkb:aphpkb:0.93.8:*:*:*:*:*:*:*
aphpkb aphpkb 0.93.9 cpe:2.3:a:aphpkb:aphpkb:0.93.9:*:*:*:*:*:*:*
aphpkb aphpkb 0.94.1 cpe:2.3:a:aphpkb:aphpkb:0.94.1:*:*:*:*:*:*:*

CVE-2011-1555 的参考链接

cvelogic Threat Intelligence