7.5
CVE-2007-1712
- EPSS 1.05%
- Veröffentlicht 27.03.2007 21:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Active Web Softwares ≫ Active Auction House Version7.1 Editionpro
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.05% | 0.597 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/24626
http://www.osvdb.org/34420
http://www.vupen.com/english/advisories/2007/1097
https://exchange.xforce.ibmcloud.com/vulnerabilities/33182
https://www.exploit-db.com/exploits/3551