Lucene search

[email protected]CVE-2007-2612

HistoryMay 11, 2007 - 10:19 a.m.

CVE-2007-2612

2007-05-1110:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2612

sql injection

wikkawiki

wikka wiki

remote attackers

arbitrary sql commands

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.8%

JSON

SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to execute arbitrary SQL commands via the limit parameter. NOTE: this issue only applies to a “modified installation.”

CPENameOperatorVersion
wikkawiki:wikkawikiwikkawikile1.1.6.2

CPE	Name	Operator	Version
wikkawiki:wikkawiki	wikkawiki	le	1.1.6.2

References

osvdb.org/35826

wikkawiki.org/WikkaReleaseNotes

wush.net/trac/wikka/ticket/383

www.vupen.com/english/advisories/2007/1725

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.8%

JSON

Related for CVE-2007-2612

prion1 cvelist1