Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6004

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6004
Last Modified 07 Mar 2011 10:01:38
Published 15 Nov 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6004

Summary

Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action.

Vulnerable Systems

Application

  • Toko Instan 7.6


References

VUPEN - ADV-2007-3906

BID - 26433

MILW0RM - 4623

XF - tokoinstan-index-sql-injection(38449)


Last Updated: 27 May 2016 10:46:21