Lucene search
HistoryOct 21, 2015 - 6:59 p.m.
CVE-2015-7299
cve-2015-7299
sql injection
k2 blackpearl
smartforms
k2 for sharepoint
8.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.5%
SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter.
Affected configurations
Node
nintexk2_blackpearlMatch4.6.7
ORnintexk2_for_sharepointMatch4.6.7
ORnintexk2_smartformsMatch4.6.7
Related
securityvulns
securityvulns
Boolean-based SQL injection Vulnerability in K2 Platforms
2015-10-26 00:00:00
zdt
zdt
K2 SmartForms / BlackPearl SQL Injection Vulnerability
2015-10-13 00:00:00
packetstorm
packetstorm
K2 SmartForms / BlackPearl SQL Injection
2015-10-13 00:00:00
cvelist
cvelist
CVE-2015-7299
2015-10-21 18:00:00
prion
prion
Sql injection
2015-10-21 18:59:00
nvd
nvd
CVE-2015-7299
2015-10-21 18:59:05
8.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.5%
Related for CVE-2015-7299