Lucene search

K
cve[email protected]CVE-2007-5261
HistoryOct 06, 2007 - 5:17 p.m.

CVE-2007-5261

2007-10-0617:17:00
CWE-89
web.nvd.nist.gov
20
cve-2007-5261
sql injection
multicart 1.0
remote attacks
arbitrary commands

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

42.6%

Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

42.6%

Related for CVE-2007-5261