QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-4804

Back to search

CVE-2007-4804

Published: Sep 11, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may be accessed through requests to the product's top-level default URI, using the pilih parameter, in some circumstances.

VendorProductVersions

n/a

n/a

affected
n/a

References

38411
vdb-entry
x_refsource_OSVDB
38412
vdb-entry
x_refsource_OSVDB
38413
vdb-entry
x_refsource_OSVDB
25614
vdb-entry
x_refsource_BID
38409
vdb-entry
x_refsource_OSVDB
38410
vdb-entry
x_refsource_OSVDB
4385
exploit
x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now