QwikSec

Security Database

CVE

CWE

Training

CVE-2007-4552

Published: Aug 28, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_BID

http://forums.agaresmedia.com/viewtopic.php?f=13&t=19

x_refsource_MISC

http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.