Lucene search

[email protected]CVE-2007-1171

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2007-1171

2007-03-0221:18:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-1171

sql injection

nukesentinel

security vulnerability

admin cookie

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON

SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie.

CPENameOperatorVersion
nukescripts:nukesentinelnukescripts nukesentinelle2.5.11

CPE	Name	Operator	Version
nukescripts:nukesentinel	nukescripts nukesentinel	le	2.5.11

References

secunia.com/advisories/26954

securityreason.com/securityalert/2344

www.attrition.org/pipermail/vim/2007-September/001806.html

www.nukescripts.net/index.php?op=NEArticle&sid=4076

www.securityfocus.com/archive/1/460628/100/0/threaded

www.securityfocus.com/archive/1/480575/100/0/threaded

www.securityfocus.com/archive/1/480994/100/0/threaded

www.securityfocus.com/bid/22629

www.securityfocus.com/bid/25805

www.waraxe.us/advisory-53.html

exchange.xforce.ibmcloud.com/vulnerabilities/32582

www.exploit-db.com/exploits/3337

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON

Related for CVE-2007-1171

prion2 cve1 securityvulns1