Lucene search

[email protected]CVE-2007-0688

HistoryFeb 03, 2007 - 1:28 a.m.

CVE-2007-0688

2007-02-0301:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0688

sql injection

vulnerability

oku.asp

hunkaray duyuru scripti

remote attackers

arbitrary sql commands

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.6%

JSON

SQL injection vulnerability in oku.asp in Hunkaray Duyuru Scripti allows remote attackers to execute arbitrary SQL commands via the id parameter.

CPENameOperatorVersion
hunkaray_duyuru:scriptihunkaray duyuru scriptieq*

CPE	Name	Operator	Version
hunkaray_duyuru:scripti	hunkaray duyuru scripti	eq	*

References

osvdb.org/34086

secunia.com/advisories/25581

www.securityfocus.com/archive/1/470744/100/0/threaded

www.securityfocus.com/bid/24367

www.vupen.com/english/advisories/2007/0446

exchange.xforce.ibmcloud.com/vulnerabilities/32042

www.exploit-db.com/exploits/3241

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.6%

JSON

Related for CVE-2007-0688

prion2 cve1 securityvulns1