Lucene search

K
nvd[email protected]NVD:CVE-2007-4154
HistoryAug 03, 2007 - 8:17 p.m.

CVE-2007-4154

2007-08-0320:17:00
web.nvd.nist.gov

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.8%

SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the page_options parameter to (1) options-general.php, (2) options-writing.php, (3) options-reading.php, (4) options-discussion.php, (5) options-privacy.php, (6) options-permalink.php, (7) options-misc.php, and possibly other unspecified components.

Affected configurations

NVD
Node
wordpresswordpressMatch2.2.1

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.8%