7.5
CVE-2007-1696
- EPSS 1.2%
- Veröffentlicht 27.03.2007 01:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:07
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the NewsPaperID parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Active Web Softwares ≫ Active Newsletter Version <= 4.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.2% | 0.64 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/24640
http://www.osvdb.org/34491
http://www.securityfocus.com/bid/23115
http://www.vupen.com/english/advisories/2007/1098
https://exchange.xforce.ibmcloud.com/vulnerabilities/33197
https://www.exploit-db.com/exploits/3556