{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:09:20.935","vulnerabilities":[{"cve":{"id":"CVE-2007-2959","sourceIdentifier":"cve@mitre.org","published":"2007-05-31T23:30:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in manufacturer.php in cpCommerce before 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id_manufacturer parameter."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en el manufacturer.php del cpCommerce anterior al 1.1.0 permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id_manufacturer."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.5.1:*:*:*:*:*:*:*","matchCriteriaId":"EB243261-AB50-46AF-B7A3-42ACF9FAC8F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.6:*:*:*:*:*:*:*","matchCriteriaId":"CF21D39C-1BEA-4595-A869-ACC08F0AF744"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.7:*:*:*:*:*:*:*","matchCriteriaId":"BB29AF15-B8BE-4160-9FCE-11C97710F1E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.7.1:*:*:*:*:*:*:*","matchCriteriaId":"A0A411EE-19E6-44CA-879D-0C2FCB2E1963"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.7.2:*:*:*:*:*:*:*","matchCriteriaId":"8425BFB3-5349-44C7-A378-75F2BE3820B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.7.3:*:*:*:*:*:*:*","matchCriteriaId":"013D4ED2-C532-4A1A-AF37-B21D83BEADB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.7.4:*:*:*:*:*:*:*","matchCriteriaId":"5F8A3E39-2CCF-4DE8-BC76-1B101F7C4415"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.8:*:*:*:*:*:*:*","matchCriteriaId":"07FBA21A-1B1A-44FD-BC41-F95E4CD24A12"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.9:*:*:*:*:*:*:*","matchCriteriaId":"0C8EE244-FD27-4184-BB8A-49293A40C479"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpcommerce:cpcommerce:1.0.9a:*:*:*:*:*:*:*","matchCriteriaId":"27B52C0D-174E-4EBF-86B8-E918824E75F8"}]}]}],"references":[{"url":"http://osvdb.org/38042","source":"cve@mitre.org"},{"url":"http://securityreason.com/securityalert/2747","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/469910/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/24223","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34573","source":"cve@mitre.org"},{"url":"http://osvdb.org/38042","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securityreason.com/securityalert/2747","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/469910/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/24223","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34573","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}