Lucene search

[email protected]CVE-2007-4627

HistoryAug 31, 2007 - 1:17 a.m.

CVE-2007-4627

2007-08-3101:17:00

[email protected]

web.nvd.nist.gov

cve-2007-4627

sql injection

index.php

abc estore 3.0

remote attackers

nvd

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.139 Low

EPSS

Percentile

95.7%

JSON

SQL injection vulnerability in index.php in ABC eStore 3.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.

Affected configurations

NVD

Node

algeraabc_estoreMatch3.0

CPENameOperatorVersion
algera:abc_estorealgera abc estoreeq3.0

CPE	Name	Operator	Version
algera:abc_estore	algera abc estore	eq	3.0

References

osvdb.org/38434

www.securityfocus.com/bid/25476

www.vupen.com/english/advisories/2007/3037

exchange.xforce.ibmcloud.com/vulnerabilities/36313

www.exploit-db.com/exploits/4338

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.139 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2007-4627

prion1 nvd1 cvelist1