Lucene search

[email protected]NVD:CVE-2007-1425

HistoryMar 13, 2007 - 1:19 a.m.

CVE-2007-1425

2007-03-1301:19:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.006

Percentile

78.0%

JSON

SQL injection vulnerability in index.php in Triexa SonicMailer Pro 3.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the list parameter in an archive action.

Affected configurations

Nvd

Node

triexasonicmailer_proRange≤3.2.3

VendorProductVersionCPE
triexasonicmailer_pro*cpe:2.3:a:triexa:sonicmailer_pro:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
triexa	sonicmailer_pro	*	cpe:2.3:a:triexa:sonicmailer_pro::::::::

References

osvdb.org/33986

secunia.com/advisories/24474

www.securityfocus.com/bid/22920

www.vupen.com/english/advisories/2007/0905

www.exploit-db.com/exploits/3457

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.006

Percentile

78.0%

JSON

Related for NVD:CVE-2007-1425

cvelist1 cve1 prion1 exploitdb1 securityvulns1