Lucene search

[email protected]CVE-2007-2662

HistoryMay 14, 2007 - 11:19 p.m.

CVE-2007-2662

2007-05-1423:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2662

sql injection

efestech haber 5.0

remote attackers

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

95.0%

JSON

SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to the top-level URI.

CPENameOperatorVersion
efestech_haber:efestech_haberefestech habereq5.0

CPE	Name	Operator	Version
efestech_haber:efestech_haber	efestech haber	eq	5.0

References

osvdb.org/36014

secunia.com/advisories/25247

www.securityfocus.com/bid/23960

exchange.xforce.ibmcloud.com/vulnerabilities/34272

www.exploit-db.com/exploits/3911

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2007-2662

prion1