Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4603

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4603
Last Modified 24 Aug 2013 01:35:38
Published 30 Aug 2007 08:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4603

Summary

Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter in a showarticle action or (2) the catid parameter in a showcat action.

Vulnerable Systems

Application

  • Altercoder Acg News 1.0


References

XF - acgnews-index-sql-injection(36293)

BID - 25466

MILW0RM - 4330

MISC - http://14house.blogspot.com/2007/08/acg-news-sql-injection.html

OSVDB - 36691

OSVDB - 36690

SECUNIA - 26637


Last Updated: 27 May 2016 10:45:54