Lucene search

[email protected]CVE-2007-3683

HistoryJul 11, 2007 - 5:30 p.m.

CVE-2007-3683

2007-07-1117:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

pagetopic.php

aigaion 1.3.3

vulnerability

remote attackers

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and earlier allows remote attackers to execute arbitrary SQL commands via the topic_id parameter.

CPENameOperatorVersion
aigaion:aigaionaigaionle1.3.3

CPE	Name	Operator	Version
aigaion:aigaion	aigaion	le	1.3.3

References

osvdb.org/35964

secunia.com/advisories/25996

www.securityfocus.com/bid/24836

www.vupen.com/english/advisories/2007/2474

exchange.xforce.ibmcloud.com/vulnerabilities/35306

www.exploit-db.com/exploits/4164

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

Related for CVE-2007-3683

prion1