Lucene search

[email protected]CVE-2007-1254

HistoryMar 03, 2007 - 8:19 p.m.

CVE-2007-1254

2007-03-0320:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

vulnerability

connectix boards

part.userprofile.php

remote authenticated users

nvd

8.2 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.1%

JSON

SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php.

CPENameOperatorVersion
connectix:connectix_boardsconnectix connectix boardseq0.5
connectix:connectix_boardsconnectix connectix boardseq0.4.2
connectix:connectix_boardsconnectix connectix boardseq0.4
connectix:connectix_boardsconnectix connectix boardseq0.4.3
connectix:connectix_boardsconnectix connectix boardseq0.7
connectix:connectix_boardsconnectix connectix boardseq0.5.4
connectix:connectix_boardsconnectix connectix boardseq0.5.3
connectix:connectix_boardsconnectix connectix boardseq0.5.1
connectix:connectix_boardsconnectix connectix boardseq0.6.1
connectix:connectix_boardsconnectix connectix boardseq0.5.2

CPE	Name	Operator	Version
connectix:connectix_boards	connectix connectix boards	eq	0.5
connectix:connectix_boards	connectix connectix boards	eq	0.4.2
connectix:connectix_boards	connectix connectix boards	eq	0.4
connectix:connectix_boards	connectix connectix boards	eq	0.4.3
connectix:connectix_boards	connectix connectix boards	eq	0.7
connectix:connectix_boards	connectix connectix boards	eq	0.5.4
connectix:connectix_boards	connectix connectix boards	eq	0.5.3
connectix:connectix_boards	connectix connectix boards	eq	0.5.1
connectix:connectix_boards	connectix connectix boards	eq	0.6.1
connectix:connectix_boards	connectix connectix boards	eq	0.5.2

Rows per page:

1-10 of 141

References

osvdb.org/33537

secunia.com/advisories/24255

securityreason.com/securityalert/2364

www.securityfocus.com/archive/1/460947/100/0/threaded

www.exploit-db.com/exploits/3352

8.2 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.1%

JSON

Related for CVE-2007-1254

prion1 securityvulns1