| |
Vulnerability CVE-2007-1656
Published: 2007-03-23 Modified: 2012-02-12
| Description: |
Multiple SQL injection vulnerabilities in index.php in Katalog Plyt Audio 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fraza and (2) litera parameters, different vectors than CVE-2007-1612. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://www.vupen.com/english/advisories/2007/1015
http://osvdb.org/37184
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
