Vulnerability Details CVE-2007-3631
SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the params parameter, related to missing input validation of the id field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/36362
- http://secunia.com/advisories/25983
- http://www.securityfocus.com/bid/24807
- http://www.vupen.com/english/advisories/2007/2460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35292
- https://www.exploit-db.com/exploits/4159
- http://osvdb.org/36362
- http://secunia.com/advisories/25983
- http://www.securityfocus.com/bid/24807
- http://www.vupen.com/english/advisories/2007/2460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35292
- https://www.exploit-db.com/exploits/4159
Products affected by CVE-2007-3631
-
cpe:2.3:a:gamesitescript:gamesitescript:*