Lucene search

[email protected]CVE-2007-3563

HistoryJul 04, 2007 - 4:30 p.m.

CVE-2007-3563

2007-07-0416:30:00

CWE-89

[email protected]

web.nvd.nist.gov

sql injection

av arcade

remote attackers

vulnerability

nvd

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.3%

JSON

SQL injection vulnerability in includes/view_page.php in AV Arcade 2.1b allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_page action to index.php.

Affected configurations

NVD

Node

avscriptsav_arcadeMatch2.1b

CPENameOperatorVersion
avscripts:av_arcadeavscripts av arcadeeq2.1b

CPE	Name	Operator	Version
avscripts:av_arcade	avscripts av arcade	eq	2.1b

References

osvdb.org/36354

secunia.com/advisories/25927

www.securityfocus.com/archive/1/472663/100/0/threaded

www.securityfocus.com/bid/24728

www.vupen.com/english/advisories/2007/2410

exchange.xforce.ibmcloud.com/vulnerabilities/35209

www.exploit-db.com/exploits/4138

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2007-3563

cvelist1 prion1 nvd1