CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-0875

SQL injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this issue has been disputed by a third party, stating that the file does not use a SQL database

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://forums.avenir-geopolitique.net/viewtopic.php?t=2642
http://osvdb.org/33675
http://securityreason.com/securityalert/2235
http://www.securityfocus.com/archive/1/459649/100/0/threaded
http://www.securityfocus.com/archive/1/459796/100/200/threaded
http://www.securityfocus.com/bid/22507
http://forums.avenir-geopolitique.net/viewtopic.php?t=2642
http://osvdb.org/33675
http://securityreason.com/securityalert/2235
http://www.securityfocus.com/archive/1/459649/100/0/threaded
http://www.securityfocus.com/archive/1/459796/100/200/threaded
http://www.securityfocus.com/bid/22507

Products affected by CVE-2007-0875

Mcrefer » Mcrefer » Version: 1.0

cpe:2.3:a:mcrefer:mcrefer:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0875

Products

Pricing

Contact Us