QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-6579

Back to search

CVE-2007-6579

Published: Dec 28, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL commands via the vlan_id parameter to (1) vlanview.php, (2) vlanedit.php, and (3) vlandel.php; the (4) assetclassgroup_id parameter to assetclassgroupview.php; the (5) subnet_id parameter to nodelist.php; and unspecified other vectors. NOTE: it was later reported that the vlanview.php and vlandel.php vectors are also in 0.4.

VendorProductVersions

n/a

n/a

affected
n/a

References

39777
vdb-entry
x_refsource_OSVDB
39780
vdb-entry
x_refsource_OSVDB
26993
vdb-entry
x_refsource_BID
39776
vdb-entry
x_refsource_OSVDB
4771
exploit
x_refsource_EXPLOIT-DB
39779
vdb-entry
x_refsource_OSVDB
39778
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now