Lucene search
HistoryAug 20, 2007 - 10:17 p.m.
CVE-2007-4437
sql injection
vulnerability
albums.php
ampache
remote attackers
sql commands
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.8%
SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execute arbitrary SQL commands via the match parameter. NOTE: some details are obtained from third party information.
Affected configurations
Node
ampacheampacheRange≤3.3.3.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| ampache:ampache | ampache | le | 3.3.3.4 |
Related
prion
prion
Sql injection
2007-08-20 22:17:00
cvelist
cvelist
CVE-2007-4437
2007-08-20 22:00:00
nvd
nvd
CVE-2007-4437
2007-08-20 22:17:00
ubuntucve
ubuntucve
CVE-2007-4437
2007-08-20 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200710-13 (ampache)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200710-13 (ampache)
2008-09-24 00:00:00
nessus
nessus
GLSA-200710-13 : Ampache: Multiple vulnerabilities
2007-10-15 00:00:00
gentoo
gentoo
Ampache: Multiple vulnerabilities
2007-10-13 00:00:00
securityvulns
securityvulns
[ GLSA 200710-13 ] Ampache: Multiple vulnerabilities
2007-10-15 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.8%
Related for CVE-2007-4437