8.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
82.0%
Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
bytesfall_explorer:bytesfall_explorer | bytesfall explorer | le | 0.0.7.1 |
sourceforge.net/forum/forum.php?forum_id=627671
sourceforge.net/project/shownotes.php?release_id=458642&group_id=174110
www.redteam-pentesting.de/advisories/rt-sa-2006-007.php?lang=en
www.securityfocus.com/archive/1/450166/100/100/threaded
www.securityfocus.com/bid/20800
www.vupen.com/english/advisories/2006/4255
exchange.xforce.ibmcloud.com/vulnerabilities/29942