Lucene search

MitreCVE-2007-1339

HistoryMar 08, 2007 - 10:19 p.m.

CVE-2007-1339

2007-03-0822:19:00

mitre

web.nvd.nist.gov

sql injection

links management app

vulnerability

remote attackers

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.008

Percentile

81.5%

JSON

SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter.

Affected configurations

Nvd

Node

monitor-linelinks_managementRange≤1.0

VendorProductVersionCPE
monitor-linelinks_management*cpe:2.3:a:monitor-line:links_management:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
monitor-line	links_management	*	cpe:2.3:a:monitor-line:links_management::::::::

References

osvdb.org/33862

secunia.com/advisories/24355

www.securityfocus.com/bid/22825

www.vupen.com/english/advisories/2007/0849

exchange.xforce.ibmcloud.com/vulnerabilities/32813

www.exploit-db.com/exploits/3416

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.008

Percentile

81.5%

JSON

Related for CVE-2007-1339