Lucene search

[email protected]CVE-2007-3810

HistoryJul 17, 2007 - 12:30 a.m.

CVE-2007-3810

2007-07-1700:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3810

sql injection

index.php

realtor 747

categoryid parameter

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.4%

JSON

SQL injection vulnerability in index.php in Realtor 747 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter.

CPENameOperatorVersion
it747:realtor_747it747 realtor 747eq*

CPE	Name	Operator	Version
it747:realtor_747	it747 realtor 747	eq	*

References

osvdb.org/36244

secunia.com/advisories/26068

www.securityfocus.com/bid/24916

www.vupen.com/english/advisories/2007/2541

exchange.xforce.ibmcloud.com/vulnerabilities/35420

www.exploit-db.com/exploits/4184

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.4%

JSON

Related for CVE-2007-3810

prion1