Lucene search
MitreCVE-2007-1019HistoryFeb 21, 2007 - 11:28 a.m.
CVE-2007-1019
2007-02-2111:28:00
mitre
web.nvd.nist.gov
26
cve-2007-1019
sql injection
webspell 4.01.02
register_globals
remote attackers
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
Low
EPSS
0.01
Percentile
84.1%
SQL injection vulnerability in news.php in webSPELL 4.01.02, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388.
Affected configurations
Node
webspellwebspellMatch4.01.02
Related
cvelist
cvelist
prion
prion
Sql injection
2007-02-21 11:28:00
Sql injection
2007-03-02 21:18:00
nvd
nvd
exploitdb
exploitdb
webSPELL 4.01.02 - 'showonly' Blind SQL Injection
2007-02-16 00:00:00
webSPELL 4.01.01 - 'getsquad' SQL Injection
2006-10-15 00:00:00
cve
cve
CVE-2007-1163
2007-03-02 21:18:00
CVE-2006-5388
2006-10-18 19:07:00
securityvulns
securityvulns
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
Low
EPSS
0.01
Percentile
84.1%
Related for CVE-2007-1019