CVE-2007-4359

Опубликовано: 15 авг. 2007

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.

Ссылки

http://osvdb.org/36416
http://secunia.com/advisories/26440
http://securityreason.com/securityalert/3013
http://www.securityfocus.com/archive/1/476282/100/0/threaded
http://www.securityfocus.com/bid/25296
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/36052
http://osvdb.org/36416
http://secunia.com/advisories/26440
http://securityreason.com/securityalert/3013
http://www.securityfocus.com/archive/1/476282/100/0/threaded
http://www.securityfocus.com/bid/25296
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/36052

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:skilmatch_staffing_systems:joblister3:*:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00469

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jchr-ph58-p2fr

github

почти 4 года назад