7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.0%
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to
execute arbitrary SQL commands via the offset parameter to (1)
new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not
properly handled in database-pgsql.php.