CVE-2007-6269

{"id": "CVE-2007-6269", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-12-07T11:46:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=119678724111351&w=2", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/40576", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27923", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.procheckup.com/Vulnerability_PR07-39.php", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26692", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.xigla.com/news/default.aspx", "source": "cve@mitre.org"}, {"url": "http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38871", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=119678724111351&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/40576", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27923", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.procheckup.com/Vulnerability_PR07-39.php", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/26692", "tags": ["Exploit", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.xigla.com/news/default.aspx", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38871", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en el fichero xlaabsolutenm.aspx de Absolute News Manager.NET 5.1 . Permite que atacantes remotos ejecuten comandos SQL a su elecci\u00f3n, usando los par\u00e1metros (1) z, (2) pz, (3) ord y (4) sort."}], "lastModified": "2024-11-21T00:39:44.577", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xigla:absolute_news_manager.net:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E8EFC50-220C-4D80-8133-8DC6BD91E92E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}