Lucene search
HistorySep 17, 2007 - 5:17 p.m.
CVE-2007-4922
cve-2007-4922
sql injection
play.php
jeuxflash 1.0
kwsphp
remote authenticated users
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
24.0%
SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information.
Affected configurations
Node
jeuxflashjeuxflash_moduleMatch1.0
ORkwsphpkwsphp
| CPE | Name | Operator | Version |
|---|---|---|---|
| jeuxflash:jeuxflash_module | jeuxflash jeuxflash module | eq | 1.0 |
| kwsphp:kwsphp | kwsphp | eq | * |
Related
nvd
nvd
CVE-2007-4922
2007-09-17 17:17:00
CVE-2008-1759
2008-04-12 20:05:00
cvelist
cvelist
CVE-2007-4922
2007-09-17 17:00:00
CVE-2008-1759
2008-04-12 20:00:00
prion
prion
Sql injection
2007-09-17 17:17:00
Sql injection
2008-04-12 20:05:00
cve
cve
CVE-2008-1759
2008-04-12 20:05:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
24.0%
Related for CVE-2007-4922