7.5
CVE-2007-2207
- EPSS 1.69%
- Veröffentlicht 24.04.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:08
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ripeformpost parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ripe Website Manager ≫ Ripe Website Manager Version <= 0.8.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.69% | 0.741 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://john-martinelli.com/work/ripe.txt
http://secunia.com/advisories/24984
http://securityreason.com/securityalert/2602
http://www.securityfocus.com/bid/23597
http://www.vupen.com/english/advisories/2007/1519
http://osvdb.org/35363
http://www.securityfocus.com/archive/1/466673/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/33818