Lucene search

PRIOn knowledge basePRION:CVE-2007-0374

HistoryJan 19, 2007 - 11:28 p.m.

Sql injection

2007-01-1923:28:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.9%

JSON

SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing.

CPENameOperatorVersion
joomlaeq1.5.0-beta
joomlaeq1.0.11
mamboeq4.6.1

Name	Operator	Version
joomla	eq	1.5.0-beta
joomla	eq	1.0.11
mambo	eq	4.6.1

References

archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html

osvdb.org/32520

www.hackers.ir/advisories/festival.txt

www.securityfocus.com/archive/1/459203/100/0/threaded

www.securityfocus.com/bid/19734

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.9%

JSON

Related for PRION:CVE-2007-0374