Lucene search

[email protected]CVE-2007-3609

HistoryJul 06, 2007 - 7:30 p.m.

CVE-2007-3609

2007-07-0619:30:00

[email protected]

web.nvd.nist.gov

cve

2007

3609

sql injection

emeeting online dating software

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.5%

JSON

Multiple SQL injection vulnerabilities in eMeeting Online Dating Software 5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) b.php and (2) account/gallery.php, and other unspecified vectors.

Affected configurations

NVD

Node

emeetingonline_dating_softwareMatch5.2

CPENameOperatorVersion
emeeting:online_dating_softwareemeeting online dating softwareeq5.2

CPE	Name	Operator	Version
emeeting:online_dating_software	emeeting online dating software	eq	5.2

References

osvdb.org/36363

osvdb.org/36364

secunia.com/advisories/25974

www.securityfocus.com/bid/24786

www.vupen.com/english/advisories/2007/2448

exchange.xforce.ibmcloud.com/vulnerabilities/35274

exchange.xforce.ibmcloud.com/vulnerabilities/35275

www.exploit-db.com/exploits/4154

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.5%

JSON

Related for CVE-2007-3609

prion1 nvd1 cvelist1