CVE-2007-6565

Опубликовано: 28 дек. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component.

Ссылки

http://securityreason.com/securityalert/3497
http://www.securityfocus.com/archive/1/485544/100/0/threaded
http://www.securityfocus.com/bid/27038
Exploit
http://www.spanish-hackers.com/vuln/bug19.txt
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/39284
https://www.exploit-db.com/exploits/4793
http://securityreason.com/securityalert/3497
http://www.securityfocus.com/archive/1/485544/100/0/threaded
http://www.securityfocus.com/bid/27038
Exploit
http://www.spanish-hackers.com/vuln/bug19.txt
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/39284
https://www.exploit-db.com/exploits/4793

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blakord:blakord_portal:*:*:*:*:*:*:*:*

Версия до 1.3.a_beta (включая)

EPSS

Процентиль: 78%

0.01099

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-x9qw-wpgc-v9w7

github

почти 4 года назад