Lucene search

K
cve[email protected]CVE-2015-1400
HistoryFeb 03, 2015 - 4:59 p.m.

CVE-2015-1400

2015-02-0316:59:16
CWE-89
web.nvd.nist.gov
26
sql injection
npds revolution 13
cve-2015-1400
nvd

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

39.4%

SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.

Affected configurations

NVD
Node
npdsrevolutionMatch13.0
CPENameOperatorVersion
npds:revolutionnpds revolutioneq13.0

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

39.4%