Lucene search

[email protected]CVE-2007-0196

HistoryJan 11, 2007 - 11:28 a.m.

CVE-2007-0196

2007-01-1111:28:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-0196

sql injection

admin_check_user.asp

motionborg web real estate 2.1

nvd

security vulnerability

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.2%

JSON

SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (txtUserName parameter) and possibly other parameters. NOTE: some details were obtained from third party information.

CPENameOperatorVersion
motionborg:motionborg_web_real_estatemotionborg motionborg web real estatele2.1

CPE	Name	Operator	Version
motionborg:motionborg_web_real_estate	motionborg motionborg web real estate	le	2.1

References

osvdb.org/32718

secunia.com/advisories/23531

www.securityfocus.com/bid/21963

www.vupen.com/english/advisories/2007/0143

exchange.xforce.ibmcloud.com/vulnerabilities/31360

www.exploit-db.com/exploits/3105

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.2%

JSON

Related for CVE-2007-0196

prion1 securityvulns1