Lucene search

MitreCVE-2007-5783

HistoryNov 01, 2007 - 4:46 p.m.

CVE-2007-5783

2007-11-0116:46:00

CWE-94

mitre

web.nvd.nist.gov

sql injection

emagic cms.net 4.0

remote attackers

arbitrary commands

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.004

Percentile

72.4%

JSON

SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter.

Affected configurations

Nvd

Node

emagic-cmsemagic_cms.netMatch4.0

VendorProductVersionCPE
emagic-cmsemagic_cms.net4.0cpe:2.3:a:emagic-cms:emagic_cms.net:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emagic-cms	emagic_cms.net	4.0	cpe:2.3:a:emagic-cms:emagic_cms.net:4.0:::::::*

References

www.securityfocus.com/bid/26229

www.vupen.com/english/advisories/2007/3642

exchange.xforce.ibmcloud.com/vulnerabilities/38119

www.exploit-db.com/exploits/4578

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.004

Percentile

72.4%

JSON

Related for CVE-2007-5783