Lucene search

PRIOn knowledge basePRION:CVE-2007-4086

HistoryJul 30, 2007 - 5:30 p.m.

Sql injection

2007-07-3017:30:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

JSON

Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, © uprofile.php, (d) ufavour.php, (e) ufriends.php, or (f) uplaylist.php.

References

osvdb.org/37872

osvdb.org/37873

osvdb.org/37874

osvdb.org/37875

osvdb.org/37876

osvdb.org/37877

osvdb.org/37878

lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html

8.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

JSON

Related for PRION:CVE-2007-4086