Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4116

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-4116
Last Modified 07 Mar 2011 09:57:50
Published 31 Jul 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4116

Summary

SQL injection vulnerability in philboard_forum.asp in Metyus Forum Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might be related to CVE-2007-0920 or CVE-2007-3884.

Vulnerable Systems

Application

  • Metyus Forum Portal 1.0


References

VUPEN - ADV-2007-2718

BID - 25096

BUGTRAQ - 20070727 Metyus Forum Portal v1.0

SECUNIA - 26253

XF - metyus-philboardforum-sql-injection(35651)

SREASON - 2951


Last Updated: 27 May 2016 10:45:46