CVE-2007-1920 | Date: (C)2007-04-10 (M)2023-12-22 |
SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allows remote attackers to execute arbitrary SQL commands via the zoom parameter, possibly related to home.php.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 7.5 |
Exploit Score: 10.0 |
Impact Score: 6.4 |
|
CVSS V2 Metrics: |
Access Vector: NETWORK |
Access Complexity: LOW |
Authentication: NONE |
Confidentiality: PARTIAL |
Integrity: PARTIAL |
Availability: PARTIAL |
| |