Lucene search
MitreCVE-2007-5131HistorySep 27, 2007 - 7:17 p.m.
CVE-2007-5131
2007-09-2719:17:00
CWE-89
mitre
web.nvd.nist.gov
24
cve-2007-5131
sql injection
index.php
interspire activekb nx 2.x
security vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.002
Percentile
57.0%
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected.
Affected configurations
Node
interspireactivekb_nxMatch2
ORinterspireactivekb_nxMatch2.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| interspire | activekb_nx | 2 | cpe:2.3:a:interspire:activekb_nx:2:*:*:*:*:*:*:* |
| interspire | activekb_nx | 2.6 | cpe:2.3:a:interspire:activekb_nx:2.6:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection
2007-09-26 00:00:00
cvelist
cvelist
CVE-2007-5131
2007-09-27 19:00:00
CVE-2007-5425
2007-10-12 23:00:00
prion
prion
Sql injection
2007-09-27 19:17:00
Sql injection
2007-10-12 23:17:00
nvd
nvd
CVE-2007-5131
2007-09-27 19:17:00
CVE-2007-5425
2007-10-12 23:17:00
cve
cve
CVE-2007-5425
2007-10-12 23:17:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.002
Percentile
57.0%
Related for CVE-2007-5131