CVE-2007-1607

Опубликовано: 22 мар. 2007

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

search.php in w-Agora (Web-Agora) allows remote attackers to obtain potentially sensitive information via a ' (quote) value followed by certain SQL sequences in the (1) search_forum or (2) search_user parameter, which force a SQL error.

Ссылки

http://osvdb.org/34376
http://secunia.com/advisories/24605
Vendor Advisory
http://securityreason.com/securityalert/2462
http://www.securityfocus.com/archive/1/463286/100/0/threaded
http://www.securityfocus.com/bid/23057
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/33177
http://osvdb.org/34376
http://secunia.com/advisories/24605
Vendor Advisory
http://securityreason.com/securityalert/2462
http://www.securityfocus.com/archive/1/463286/100/0/threaded
http://www.securityfocus.com/bid/23057
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/33177

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:w-agora:w-agora:4.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.0059

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-r924-hc7c-cp46

github

почти 4 года назад