7.5
CVE-2007-1838
- EPSS 2.18%
- Veröffentlicht 03.04.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in view.php in the Friendfinder 3.3 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Xoops ≫ Friendfinder Module Version <= 3.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.18% | 0.8 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/archive/1/464153/100/0/threaded
http://www.securityfocus.com/bid/23184
http://www.vupen.com/english/advisories/2007/1146
https://exchange.xforce.ibmcloud.com/vulnerabilities/33292
https://www.exploit-db.com/exploits/3597