Lucene search
MitreCVE-2007-4922HistorySep 17, 2007 - 5:17 p.m.
CVE-2007-4922
2007-09-1717:17:00
CWE-89
mitre
web.nvd.nist.gov
35
cve-2007-4922
sql injection
play.php
jeuxflash 1.0
kwsphp
remote authenticated users
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.001
Percentile
29.1%
SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information.
Affected configurations
Node
jeuxflashjeuxflash_moduleMatch1.0
ORkwsphpkwsphp
| Vendor | Product | Version | CPE |
|---|---|---|---|
| jeuxflash | jeuxflash_module | 1.0 | cpe:2.3:a:jeuxflash:jeuxflash_module:1.0:*:*:*:*:*:*:* |
| kwsphp | kwsphp | * | cpe:2.3:a:kwsphp:kwsphp:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2007-4922
2007-09-17 17:17:00
CVE-2008-1759
2008-04-12 20:05:00
cvelist
cvelist
CVE-2007-4922
2007-09-17 17:00:00
CVE-2008-1759
2008-04-12 20:00:00
prion
prion
Sql injection
2007-09-17 17:17:00
Sql injection
2008-04-12 20:05:00
exploitdb
exploitdb
KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection
2007-09-13 00:00:00
cve
cve
CVE-2008-1759
2008-04-12 20:05:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.001
Percentile
29.1%
Related for CVE-2007-4922