CVE-2007-4362 - SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute a

CVE-2007-4362

Summary

SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.

References

Vulnerable Configurations

cpe:2.3:a:prozilla:webring:*:*:*:*:*:*:*:*
cpe:2.3:a:prozilla:webring:*:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	25292
exploit-db	4284
osvdb	36420
secunia	26446
vupen	ADV-2007-2877
xf	prozilla-category-sql-injection(35990)

Last major update

19-10-2017 - 01:30

Published

15-08-2007 - 19:17

Last modified

19-10-2017 - 01:30