Lucene search

K
cve[email protected]CVE-2007-2320
HistoryApr 26, 2007 - 9:19 p.m.

CVE-2007-2320

2007-04-2621:19:00
NVD-CWE-Other
web.nvd.nist.gov
22
cve
2007
2320
sql injection
vulnerability
kontakt.php
papoo 3.02
nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.5%

SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478.

CPENameOperatorVersion
papoo:papoopapoole3.02

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.5%

Related for CVE-2007-2320