CVE-2007-0381

Опубликовано: 19 янв. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
Vendor Advisory
http://osvdb.org/34660
http://www.atutor.ca/atutor/mantis/changelog_page.php
Patch
Vendor Advisory
http://www.hackers.ir/advisories/festival.txt
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
Vendor Advisory
http://osvdb.org/34660
http://www.atutor.ca/atutor/mantis/changelog_page.php
Patch
Vendor Advisory
http://www.hackers.ir/advisories/festival.txt
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:adaptive_technology_resource_centre:atutor:1.5.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00484

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5qc4-6v8r-qhhq

github

почти 4 года назад