Lucene search

[email protected]CVE-2007-4054

HistoryJul 30, 2007 - 5:30 p.m.

CVE-2007-4054

2007-07-3017:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-4054

sql injection

vulnerability

category.php

php123 top sites

remote attackers

arbitrary sql commands

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.235 Low

EPSS

Percentile

96.5%

JSON

SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute arbitrary SQL commands via the cat parameter.

CPENameOperatorVersion
php123:top_sitesphp123 top siteseq*

CPE	Name	Operator	Version
php123:top_sites	php123 top sites	eq	*

References

osvdb.org/37130

www.securityfocus.com/bid/25128

www.vupen.com/english/advisories/2007/2693

exchange.xforce.ibmcloud.com/vulnerabilities/35679

www.exploit-db.com/exploits/4241

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.235 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-4054

prion1