Lucene search

[email protected]CVE-2007-4719

HistorySep 05, 2007 - 7:17 p.m.

CVE-2007-4719

2007-09-0519:17:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-4719

sql injection

read.php

212cafeboard 6.30 beta

remote execution

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.8%

JSON

SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.

CPENameOperatorVersion
212cafe:212cafeboard212cafe 212cafeboardeq6.30_beta

CPE	Name	Operator	Version
212cafe:212cafeboard	212cafe 212cafeboard	eq	6.30_beta

References

lists.grok.org.uk/pipermail/full-disclosure/2007-September/065581.html

osvdb.org/38334

securityreason.com/securityalert/3099

www.securityfocus.com/archive/1/478496/100/0/threaded

www.securityfocus.com/bid/25526

exchange.xforce.ibmcloud.com/vulnerabilities/36403

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.8%

JSON

Related for CVE-2007-4719

prion1