CVE-2007-1882

Опубликовано: 06 апр. 2007

Источник: nvd

CVSS2: 6.5

EPSS Средний

Описание

qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053406.html
http://osvdb.org/34630
http://secunia.com/advisories/24730
Vendor Advisory
http://securityreason.com/securityalert/2527
http://www.securitytracker.com/id?1017842
http://www.vupen.com/english/advisories/2007/1246
https://exchange.xforce.ibmcloud.com/vulnerabilities/33385
http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053406.html
http://osvdb.org/34630
http://secunia.com/advisories/24730
Vendor Advisory
http://securityreason.com/securityalert/2527
http://www.securitytracker.com/id?1017842
http://www.vupen.com/english/advisories/2007/1246
https://exchange.xforce.ibmcloud.com/vulnerabilities/33385

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hp:mercury_quality_center:9.0:build_9.1.0.4352:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10739

Средний

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-j7wx-365f-vhx4

github

почти 4 года назад