Lucene search

[email protected]CVE-2007-5371

HistoryOct 11, 2007 - 10:17 a.m.

CVE-2007-5371

2007-10-1110:17:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-5371

sql injection

modx 0.9.6

nvd

9.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

44.6%

JSON

Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter.

CPENameOperatorVersion
modxcms:modxcmsmodxcmseq0.9.6

CPE	Name	Operator	Version
modxcms:modxcms	modxcms	eq	0.9.6

References

osvdb.org/38584

securityreason.com/securityalert/3215

www.securityfocus.com/archive/1/481870/100/0/threaded

9.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

44.6%

JSON

Related for CVE-2007-5371

cvelist1 prion1