7.5
CVE-2007-0354
- EPSS 1.99%
- Veröffentlicht 19.01.2007 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in email.php in MGB OpenSource Guestbook 0.5.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mgb ≫ Opensource Guestbook Version <= 0.5.4.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.99% | 0.781 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://osvdb.org/31612
http://secunia.com/advisories/23825
http://www.attrition.org/pipermail/vim/2007-January/001246.html
http://www.securityfocus.com/bid/22094
http://www.tv-kritik.net/mgb/index.php
http://www.vupen.com/english/advisories/2007/0232
https://exchange.xforce.ibmcloud.com/vulnerabilities/31551
https://www.exploit-db.com/exploits/3141