CVE-2011-3838

Name: CVE-2011-3838
Creator: NVD / NIST
Published: 2011-12-24T19:55:03.943+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.41%

Last modified Jun 16, 2026

CVE-2011-3838 is a vulnerability of currently unknown severity. Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to fp.php, (2) epage parameter to newpage.php, (3) epost parameter to newpost.php, and (4) username parameter to login.php in admin/; or the (5) username parameter to mobile/login.php.. EPSS estimates a 1.41% chance of exploitation in the next 30 days.

Description

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to fp.php, (2) epage parameter to newpage.php, (3) epost parameter to newpost.php, and (4) username parameter to login.php in admin/; or the (5) username parameter to mobile/login.php.

Metrics

EPSS Probability

1.41%

69.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-89

Affected Software

Vendor	Product	Versions
Wuzly	Wuzly	2.0

References

Timeline

Published: Dec 24, 2011
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2011-3838?

How severe is CVE-2011-3838?

Severity scoring for CVE-2011-3838 is pending analysis. The EPSS model estimates a 1.41% probability of exploitation in the next 30 days.

How do I fix CVE-2011-3838?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-3838?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST