Lucene search

PRIOn knowledge basePRION:CVE-2007-0865

HistoryFeb 09, 2007 - 1:28 a.m.

Sql injection

2007-02-0901:28:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.142 Low

EPSS

Percentile

95.5%

JSON

SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter.

CPENameOperatorVersion
lushinewseq1.00
lushinewseq1.01

CPE	Name	Operator	Version
	lushinews	eq	1.00
	lushinews	eq	1.01

References

osvdb.org/33134

secunia.com/advisories/24081

www.securityfocus.com/bid/22469

www.vupen.com/english/advisories/2007/0539

exchange.xforce.ibmcloud.com/vulnerabilities/32360

www.exploit-db.com/exploits/3287

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.142 Low

EPSS

Percentile

95.5%

JSON

Related for PRION:CVE-2007-0865