Lucene search
MitreCVE-2007-4892HistorySep 14, 2007 - 6:17 p.m.
CVE-2007-4892
2007-09-1418:17:00
CWE-89
mitre
web.nvd.nist.gov
35
cve-2007-4892
sql injection
swsoft plesk
windows
remote attack
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.002
Percentile
51.8%
Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3.
Affected configurations
Node
swsoftpleskMatch7.6.1
ORswsoftpleskMatch8.1
ORswsoftpleskMatch8.1.1
ORswsoftpleskMatch8.2
Related
cvelist
cvelist
CVE-2007-4892
2007-09-14 18:00:00
nvd
nvd
CVE-2007-4892
2007-09-14 18:17:00
prion
prion
Sql injection
2007-09-14 18:17:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.002
Percentile
51.8%
Related for CVE-2007-4892