Lucene search

[email protected]CVE-2007-2672

HistoryMay 14, 2007 - 11:19 p.m.

CVE-2007-2672

2007-05-1423:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

php

coupon script

sql injection

vulnerability

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.7%

JSON

SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute arbitrary SQL commands via the bus parameter in a viewbus page.

CPENameOperatorVersion
thinc4orce_marketing_group:php_coupon_scriptthinc4orce marketing group php coupon scripteq3.0

CPE	Name	Operator	Version
thinc4orce_marketing_group:php_coupon_script	thinc4orce marketing group php coupon script	eq	3.0

References

osvdb.org/35590

secunia.com/advisories/25145

www.securityfocus.com/bid/23799

www.vupen.com/english/advisories/2007/1653

exchange.xforce.ibmcloud.com/vulnerabilities/34045

www.exploit-db.com/exploits/3839

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2007-2672

prion2 cve1