Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5688

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5688
Last Modified 05 Sep 2008 12:00:00
Published 29 Oct 2007 03:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5688

Summary

Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.

Vulnerable Systems

Application

  • Invision Power Services Invision Power Board

  • Phpbb

  • Sebflipper Multi-forums Module 1.3.3


References

XF - phpbb-multiforums-sql-injection(37461)

BID - 26213

BUGTRAQ - 20071025 Multi Host Forum Pro phpbb & ipb Multiple Sql Injection

MISC - http://www.inj3ct-it.org/exploit/Multi_Host.txt

SECUNIA - 27406


Last Updated: 27 May 2016 10:46:14