Lucene search

[email protected]CVE-2007-3430

HistoryJun 27, 2007 - 12:30 a.m.

CVE-2007-3430

2007-06-2700:30:00

[email protected]

web.nvd.nist.gov

cve

2007

3430

sql injection

simple invoices

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.0%

JSON

SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action.

Affected configurations

NVD

Node

simple_invoicessimple_invoicesMatch2007-05-25

CPENameOperatorVersion
simple_invoices:simple_invoicessimple invoiceseq2007-05-25

CPE	Name	Operator	Version
simple_invoices:simple_invoices	simple invoices	eq	2007-05-25

References

osvdb.org/36293

secunia.com/advisories/25789

www.securityfocus.com/bid/24601

www.vupen.com/english/advisories/2007/2310

exchange.xforce.ibmcloud.com/vulnerabilities/35021

www.exploit-db.com/exploits/4098

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for CVE-2007-3430

nvd1 prion1 cvelist1