7.5
CVE-2007-2862
- EPSS 1.09%
- Veröffentlicht 24.05.2007 19:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow remote attackers to execute arbitrary SQL commands via an unspecified parameter to cart.inc.php and certain other files in an include directory, related to missing sanitization of the $option variable and possibly cookie modification.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.09% | 0.61 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://osvdb.org/38100
http://securityreason.com/securityalert/2730
http://www.securityfocus.com/archive/1/469301/100/0/threaded
http://www.securityfocus.com/bid/24100
https://exchange.xforce.ibmcloud.com/vulnerabilities/34460