CVE-2007-6269

Опубликовано: 07 дек. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters.

Ссылки

http://marc.info/?l=bugtraq&m=119678724111351&w=2
http://osvdb.org/40576
http://secunia.com/advisories/27923
Vendor Advisory
http://www.procheckup.com/Vulnerability_PR07-39.php
http://www.securityfocus.com/bid/26692
Exploit
Patch
http://www.xigla.com/news/default.aspx
http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip
https://exchange.xforce.ibmcloud.com/vulnerabilities/38871
http://marc.info/?l=bugtraq&m=119678724111351&w=2
http://osvdb.org/40576
http://secunia.com/advisories/27923
Vendor Advisory
http://www.procheckup.com/Vulnerability_PR07-39.php
http://www.securityfocus.com/bid/26692
Exploit
Patch
http://www.xigla.com/news/default.aspx
http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip
https://exchange.xforce.ibmcloud.com/vulnerabilities/38871

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xigla:absolute_news_manager.net:5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00715

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-c6r6-x5xg-23wm

github

почти 4 года назад