Lucene search

[email protected]CVE-2007-3981

HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3981

2007-07-2517:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3981

sql injection

wsn links basic edition

index.php

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action.

CPENameOperatorVersion
wsn_links:wsn_linkswsn linkseq*

CPE	Name	Operator	Version
wsn_links:wsn_links	wsn links	eq	*

References

osvdb.org/36270

secunia.com/advisories/26246

www.securityfocus.com/bid/24996

www.vupen.com/english/advisories/2007/2615

exchange.xforce.ibmcloud.com/vulnerabilities/35543

www.exploit-db.com/exploits/4209

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

Related for CVE-2007-3981

prion1