Lucene search

[email protected]CVE-2007-2621

HistoryMay 11, 2007 - 4:19 p.m.

CVE-2007-2621

2007-05-1116:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2621

sql injection

thyme calendar 1.3

security vulnerability

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

SQL injection vulnerability in event_view.php in Thyme Calendar 1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter.

CPENameOperatorVersion
extrovert_software:thyme_calndarextrovert software thyme calndareq1.3

CPE	Name	Operator	Version
extrovert_software:thyme_calndar	extrovert software thyme calndar	eq	1.3

References

osvdb.org/35971

secunia.com/advisories/25234

www.securityfocus.com/bid/23912

www.vupen.com/english/advisories/2007/1771

exchange.xforce.ibmcloud.com/vulnerabilities/34211

www.exploit-db.com/exploits/3895

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

Related for CVE-2007-2621

nessus1 prion1