Lucene search
HistoryApr 26, 2007 - 9:19 p.m.
CVE-2007-2299
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.008
Percentile
81.6%
Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) dzial parameter to (a) katalog.php, or the (2) t parameter to (b) forum.php or © forum/viewtopic.php, different vectors than CVE-2006-4536.
Affected configurations
Node
frogssfrogss_cmsRange≤0.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| frogss | frogss_cms | * | cpe:2.3:a:frogss:frogss_cms:*:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2007-04-26 21:19:00
cve
cve
CVE-2007-2299
2007-04-26 21:19:00
CVE-2006-4536
2006-09-05 18:04:00
cvelist
cvelist
CVE-2007-2299
2007-04-26 21:00:00
CVE-2006-4536
2006-09-05 18:00:00
exploitdb
exploitdb
CMS Frogss 0.4 - 'podpis' SQL Injection
2006-08-27 00:00:00
Frogss CMS 0.7 - SQL Injection
2007-04-13 00:00:00
nvd
nvd
CVE-2006-4536
2006-09-05 18:04:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.008
Percentile
81.6%
Related for NVD:CVE-2007-2299