CVE-2007-2685

Опубликовано: 21 мая 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) login parameter.

Ссылки

http://marc.info/?l=full-disclosure&m=117974433216496&w=2
Exploit
Vendor Advisory
http://www.netvigilance.com/advisory0028
Exploit
Vendor Advisory
http://www.osvdb.org/34784
http://www.securityfocus.com/archive/1/469223/100/0/threaded
http://www.securityfocus.com/bid/24077
https://exchange.xforce.ibmcloud.com/vulnerabilities/34387
http://marc.info/?l=full-disclosure&m=117974433216496&w=2
Exploit
Vendor Advisory
http://www.netvigilance.com/advisory0028
Exploit
Vendor Advisory
http://www.osvdb.org/34784
http://www.securityfocus.com/archive/1/469223/100/0/threaded
http://www.securityfocus.com/bid/24077
https://exchange.xforce.ibmcloud.com/vulnerabilities/34387

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jetbox:jetbox_cms:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00642

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-v69m-9r45-9fxf

github

почти 4 года назад