Lucene search

[email protected]CVE-2007-6014

HistoryDec 05, 2007 - 11:46 a.m.

CVE-2007-6014

2007-12-0511:46:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-6014

sql injection

beehive forum

nvd

security vulnerability

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.1%

JSON

SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t_dedupe parameter.

CPENameOperatorVersion
beehive_forum:beehive_forumbeehive forumle0.7.1

CPE	Name	Operator	Version
beehive_forum:beehive_forum	beehive forum	le	0.7.1

References

secunia.com/advisories/27909

securityreason.com/securityalert/3417

sourceforge.net/project/shownotes.php?group_id=50772&release_id=551758

www.securityfocus.com/archive/1/484501/100/0/threaded

www.securityfocus.com/bid/26492

www.securitytracker.com/id?1019035

www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-014.txt

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.1%

JSON

Related for CVE-2007-6014

prion2 cvelist2 securityvulns2 seebug1 cve1