Lucene search

[email protected]CVE-2007-1808

HistoryApr 02, 2007 - 11:19 p.m.

CVE-2007-1808

2007-04-0223:19:00

[email protected]

web.nvd.nist.gov

sql injection

show.php

camportail 1.1

xoops

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

SQL injection vulnerability in show.php in the Camportail 1.1 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the camid parameter in a showcam action.

Affected configurations

NVD

Node

camportailcamportailRange≤1.1

CPENameOperatorVersion
camportail:camportailcamportaille1.1

CPE	Name	Operator	Version
camportail:camportail	camportail	le	1.1

References

osvdb.org/34456

secunia.com/advisories/24748

www.securityfocus.com/bid/23245

www.vupen.com/english/advisories/2007/1201

exchange.xforce.ibmcloud.com/vulnerabilities/33373

www.exploit-db.com/exploits/3629

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for CVE-2007-1808

cvelist1 checkpoint_advisories1 prion1 nvd1 securityvulns1