Lucene search

[email protected]CVE-2007-0920

HistoryFeb 14, 2007 - 11:28 a.m.

CVE-2007-0920

2007-02-1411:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

philboard

forum

remote attackers

security vulnerability

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.7%

JSON

SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.

CPENameOperatorVersion
philboard:philboardphilboardle1.14

CPE	Name	Operator	Version
philboard:philboard	philboard	le	1.14

References

osvdb.org/35678

www.securityfocus.com/bid/22532

www.vupen.com/english/advisories/2007/0600

exchange.xforce.ibmcloud.com/vulnerabilities/32442

www.exploit-db.com/exploits/3295

Social References

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.7%

JSON

Related for CVE-2007-0920

cvelist6 securityvulns1 prion6 cve5