Lucene search
MitreCVE-2007-3399HistoryJun 26, 2007 - 5:30 p.m.
CVE-2007-3399
2007-06-2617:30:00
CWE-89
mitre
web.nvd.nist.gov
30
sql injection
power phlogger
pphlogger
remote attackers
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.006
Percentile
78.5%
SQL injection vulnerability in include/get_userdata.php in Power Phlogger (PPhlogger) 2.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.php.
Affected configurations
Node
phpeepower_phloggerRange≤2.2.5
ORphpeepower_phloggerMatch2.2.2alpha
ORphpeepower_phloggerMatch2.2.2beta
ORphpeepower_phloggerMatch2.2.3
ORphpeepower_phloggerMatch2.2.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpee | power_phlogger | * | cpe:2.3:a:phpee:power_phlogger:*:*:*:*:*:*:*:* |
| phpee | power_phlogger | 2.2.2 | cpe:2.3:a:phpee:power_phlogger:2.2.2:alpha:*:*:*:*:*:* |
| phpee | power_phlogger | 2.2.2 | cpe:2.3:a:phpee:power_phlogger:2.2.2:beta:*:*:*:*:*:* |
| phpee | power_phlogger | 2.2.3 | cpe:2.3:a:phpee:power_phlogger:2.2.3:*:*:*:*:*:*:* |
| phpee | power_phlogger | 2.2.4 | cpe:2.3:a:phpee:power_phlogger:2.2.4:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2007-3399
2007-06-26 17:00:00
nvd
nvd
CVE-2007-3399
2007-06-26 17:30:00
CVE-2007-3595
2007-07-06 18:30:00
prion
prion
Sql injection
2007-06-26 17:30:00
Design/Logic Flaw
2007-07-06 18:30:00
cve
cve
CVE-2007-3595
2007-07-06 18:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.006
Percentile
78.5%
Related for CVE-2007-3399