Lucene search

[email protected]CVE-2007-5490

HistoryOct 17, 2007 - 6:17 p.m.

CVE-2007-5490

2007-10-1718:17:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-5490

sql injection

okul otomasyon portal 2.0

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.8%

JSON

SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

okulumunsitesiportalMatch2.0

CPENameOperatorVersion
okulumunsitesi:portalokulumunsitesi portaleq2.0

CPE	Name	Operator	Version
okulumunsitesi:portal	okulumunsitesi portal	eq	2.0

References

secunia.com/advisories/27268

www.securityfocus.com/bid/26094

exchange.xforce.ibmcloud.com/vulnerabilities/37237

www.exploit-db.com/exploits/4539

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.8%

JSON

Related for CVE-2007-5490

nvd1 prion1 cvelist1