ID OSVDB:36298
Type osvdb
Reporter OSVDB
Modified 2007-07-09T17:37:54
Description
No description provided by the source
References:
Secunia Advisory ID:25969
Mail List Post: http://attrition.org/pipermail/vim/2007-July/001705.html
ISS X-Force ID: 35487
CVE-2007-3691
{"bulletinFamily": "software", "viewCount": 1, "reporter": "OSVDB", "references": [], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:25969](https://secuniaresearch.flexerasoftware.com/advisories/25969/)\nMail List Post: http://attrition.org/pipermail/vim/2007-July/001705.html\nISS X-Force ID: 35487\n[CVE-2007-3691](https://vulners.com/cve/CVE-2007-3691)\n", "affectedSoftware": [], "href": "https://vulners.com/osvdb/OSVDB:36298", "modified": "2007-07-09T17:37:54", "enchantments": {"score": {"value": 6.1, "vector": "NONE", "modified": "2017-04-28T13:20:32", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-3691"]}], "modified": "2017-04-28T13:20:32", "rev": 2}, "vulnersScore": 6.1}, "id": "OSVDB:36298", "title": "AV Tutorial Script changePW.php Multiple Variable SQL Injection", "edition": 1, "published": "2007-07-09T17:37:54", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvelist": ["CVE-2007-3691"], "lastseen": "2017-04-28T13:20:32", "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T05:31:25", "description": "Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial Script (avtutorial) 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) userid parameters, a different issue than CVE-2007-3630.\nSuccessful exploitation allows e.g. to change the administrator's password but requires that \"magic_quotes_gpc\" is disabled.\r\n", "edition": 4, "cvss3": {}, "published": "2007-07-11T17:30:00", "title": "CVE-2007-3691", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3691"], "modified": "2017-07-29T01:32:00", "cpe": ["cpe:/a:av_scripts:av_tutorial_script:1.0"], "id": "CVE-2007-3691", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3691", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:av_scripts:av_tutorial_script:1.0:*:*:*:*:*:*:*"]}]}
