Vulnerability Details CVE-2007-3430
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/36293
- http://secunia.com/advisories/25789
- http://www.securityfocus.com/bid/24601
- http://www.vupen.com/english/advisories/2007/2310
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35021
- https://www.exploit-db.com/exploits/4098
- http://osvdb.org/36293
- http://secunia.com/advisories/25789
- http://www.securityfocus.com/bid/24601
- http://www.vupen.com/english/advisories/2007/2310
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35021
- https://www.exploit-db.com/exploits/4098
Products affected by CVE-2007-3430
-
cpe:2.3:a:simple_invoices:simple_invoices:2007-05-25