Lucene search

[email protected]CVE-2007-6172

HistoryNov 30, 2007 - 12:46 a.m.

CVE-2007-6172

2007-11-3000:46:00

CWE-89

[email protected]

web.nvd.nist.gov

security

sql injection

wpquiz 2.7

vulnerability

nvd

8.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

38.8%

JSON

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.

Affected configurations

NVD

Node

wire_plastic_designwpquizMatch2.7

CPENameOperatorVersion
wire_plastic_design:wpquizwire plastic design wpquizeq2.7

CPE	Name	Operator	Version
wire_plastic_design:wpquiz	wire plastic design wpquiz	eq	2.7

References

secunia.com/advisories/27843

www.securityfocus.com/bid/26611

www.securityfocus.com/bid/26621

exchange.xforce.ibmcloud.com/vulnerabilities/38680

www.exploit-db.com/exploits/4668

8.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

38.8%

JSON

Related for CVE-2007-6172

nvd1 cvelist1 prion1