Lucene search

[email protected]CVE-2007-0052

HistoryJan 04, 2007 - 10:28 p.m.

CVE-2007-0052

2007-01-0422:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

security

sql injection

vizayn haber

haberdetay.asp

remote attackers

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

71.8%

JSON

SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows remote attackers to execute arbitrary SQL commands via the id parameter.

CPENameOperatorVersion
vizayn_haber:vizayn_habervizayn habereq*

CPE	Name	Operator	Version
vizayn_haber:vizayn_haber	vizayn haber	eq	*

References

osvdb.org/31518

secunia.com/advisories/23576

www.securityfocus.com/bid/21836

www.vupen.com/english/advisories/2007/0015

exchange.xforce.ibmcloud.com/vulnerabilities/31213

www.exploit-db.com/exploits/3061

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

71.8%

JSON

Related for CVE-2007-0052

prion1 securityvulns1