Lucene search

PRIOn knowledge basePRION:CVE-2007-1575

HistoryMar 21, 2007 - 9:19 p.m.

Sql injection

2007-03-2121:19:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.6%

JSON

Multiple SQL injection vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) unspecified vectors to the (a) calendar and (2) search modules, and an (2) unspecified cookie when the user logs out.

CPENameOperatorVersion
phprojekteq5.1
phprojekteq5.1.2
phprojekteq5.2
phprojekteq5.1.1

Name	Operator	Version
phprojekt	eq	5.1
phprojekt	eq	5.1.2
phprojekt	eq	5.2
phprojekt	eq	5.1.1

References

secunia.com/advisories/24509

secunia.com/advisories/25748

security.gentoo.org/glsa/glsa-200706-07.xml

securityreason.com/securityalert/2466

www.nruns.com/security_advisory_phprojekt_sql_injection.php

www.phprojekt.com/index.php?name=News&file=article&sid=276

www.securityfocus.com/archive/1/462789/100/0/threaded

www.securityfocus.com/bid/22955

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.6%

JSON

Related for PRION:CVE-2007-1575