Lucene search

[email protected]CVE-2007-3976

HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3976

2007-07-2517:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

bwired

index.php

vulnerability

remote execution

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

67.5%

JSON

SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL commands via the newsID parameter.

CPENameOperatorVersion
bwired:bwiredbwiredeq*

CPE	Name	Operator	Version
bwired:bwired	bwired	eq	*

References

osvdb.org/39135

www.vupen.com/english/advisories/2007/2612

exchange.xforce.ibmcloud.com/vulnerabilities/35540

www.exploit-db.com/exploits/4213

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

67.5%

JSON

Related for CVE-2007-3976

prion1