CVE-2007-6393

Опубликовано: 17 дек. 2007

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

SQL injection vulnerability in albums.php in Ace Image Hosting Script allows remote authenticated users to execute arbitrary SQL commands via the id parameter in editalbum mode.

Ссылки

http://secunia.com/advisories/27988
http://www.securityfocus.com/bid/26780
Exploit
http://www.vupen.com/english/advisories/2007/4176
https://exchange.xforce.ibmcloud.com/vulnerabilities/38941
https://www.exploit-db.com/exploits/4707
http://secunia.com/advisories/27988
http://www.securityfocus.com/bid/26780
Exploit
http://www.vupen.com/english/advisories/2007/4176
https://exchange.xforce.ibmcloud.com/vulnerabilities/38941
https://www.exploit-db.com/exploits/4707

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ace_image_hosting_script:ace_image_hosting_script:0:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00414

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-2gh7-vr34-cxv5

github

почти 4 года назад