CVE-2007-1920

Sažetak

SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allows remote attackers to execute arbitrary SQL commands via the zoom parameter, possibly related to home.php.

Reference

http://osvdb.org/34745
http://secunia.com/advisories/24802
http://www.securityfocus.com/bid/23356
http://www.vupen.com/english/advisories/2007/1298
https://exchange.xforce.ibmcloud.com/vulnerabilities/33476
https://www.exploit-db.com/exploits/3678

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-10-2017 - 01:32

Objavljeno

10-04-2007 - 23:19