CVE-2007-2561

2007-05-0918:00:00

mitre

www.cve.org

AI Score

8.1

Confidence

Low

EPSS

0.132

Percentile

95.6%

JSON

SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115.

References

osvdb.org/36169

securityreason.com/securityalert/2688

www.securityfocus.com/archive/1/467838/100/0/threaded

www.securityfocus.com/bid/23850

exchange.xforce.ibmcloud.com/vulnerabilities/34155