CVE-2007-0642

Published: Jan 31, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

22350

vdb-entry

x_refsource_BID

20070127 RBL - ASP (scripts with db) SQL injection

mailing-list

x_refsource_BUGTRAQ

http://forums.avenir-geopolitique.net/viewtopic.php?t=2607

x_refsource_MISC

2201

third-party-advisory

x_refsource_SREASON

rbl-userpass-sql-injection(31927)

vdb-entry

x_refsource_XF

36040

vdb-entry

x_refsource_OSVDB

20070131 Partial source code verify - "RBL - ASP" scripts SQL injection

mailing-list

x_refsource_VIM

20070129 RBL - ASP (scripts with db) SQL injection

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-0642

Description

Affected Products

References