Vulnerability Details CVE-2007-2622
Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login.php or (2) the taskid parameter to notes.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/35972
- http://osvdb.org/35973
- http://secunia.com/advisories/25221
- http://www.securityfocus.com/bid/23919
- http://www.vupen.com/english/advisories/2007/1768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34249
- https://www.exploit-db.com/exploits/3896
- http://osvdb.org/35972
- http://osvdb.org/35973
- http://secunia.com/advisories/25221
- http://www.securityfocus.com/bid/23919
- http://www.vupen.com/english/advisories/2007/1768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34249
- https://www.exploit-db.com/exploits/3896
Products affected by CVE-2007-2622
-
cpe:2.3:a:taskdriver:taskdriver:*