exploitDog

CVE-2007-1960

Опубликовано: 11 апр. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter.

Ссылки

http://osvdb.org/34460
http://secunia.com/advisories/24790
Vendor Advisory
http://www.securityfocus.com/bid/23320
Exploit
https://www.exploit-db.com/exploits/3666
http://osvdb.org/34460
http://secunia.com/advisories/24790
Vendor Advisory
http://www.securityfocus.com/bid/23320
Exploit
https://www.exploit-db.com/exploits/3666

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:xoops:rha7_downloads_module:1.0:*:*:*:*:*:*:*

cpe:2.3:a:xoops:rha7_downloads_module:1.10:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00704

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-h397-gg3x-pxq4

github

почти 4 года назад

SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter.

EPSS

Процентиль: 72%

0.00704

Низкий

7.5 High

CVSS2

Дефекты

CWE-89