Lucene search

[email protected]CVE-2007-5449

HistoryOct 14, 2007 - 6:17 p.m.

CVE-2007-5449

2007-10-1418:17:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-5449

sql injection

searchresult.php

softbiz recipes portal script

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%

JSON

SQL injection vulnerability in searchresult.php in Softbiz Recipes Portal Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter.

Affected configurations

NVD

Node

softbizrecipes_portal_script

CPENameOperatorVersion
softbiz:recipes_portal_scriptsoftbiz recipes portal scripteq*

CPE	Name	Operator	Version
softbiz:recipes_portal_script	softbiz recipes portal script	eq	*

References

secunia.com/advisories/27258

www.securityfocus.com/bid/26063

www.vupen.com/english/advisories/2007/3497

exchange.xforce.ibmcloud.com/vulnerabilities/37201

www.exploit-db.com/exploits/4527

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%

JSON

Related for CVE-2007-5449

cvelist2 prion2 nvd2 cve1