7.5

CVE-2002-0555

IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmInformix Web Datablade Version4.10
IbmInformix Web Datablade Version4.11
IbmInformix Web Datablade Version4.12
IbmInformix Web Datablade Version4.13
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.2% 0.77
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P