Lucene search
HistoryMar 07, 2007 - 12:19 a.m.
CVE-2007-1304
cve
2007
1304
sql injection
sava's guestbook
vulnerability
remote attackers
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.5%
Multiple SQL injection vulnerabilities in add2.php in Sava’s Guestbook 23.11.2006, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) country, (3) email, (4) website, and (5) message parameters.
Affected configurations
Node
savas_placesavas_guestbookMatch2006-11-23
| CPE | Name | Operator | Version |
|---|---|---|---|
| savas_place:savas_guestbook | savas place savas guestbook | eq | 2006-11-23 |
Related
cvelist
cvelist
CVE-2007-1304
2007-03-07 00:00:00
nvd
nvd
CVE-2007-1304
2007-03-07 00:19:00
prion
prion
Sql injection
2007-03-07 00:19:00
securityvulns
securityvulns
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.5%
Related for CVE-2007-1304