Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6080

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6080
Last Modified 05 Aug 2011 12:00:00
Published 21 Nov 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6080

Summary

SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected.

Vulnerable Systems

Application

  • Bcoos 1.0.10


References

XF - bcoos-bid-sql-injection(46156)

XF - bcoos-click-sql-injection(38594)

VUPEN - ADV-2007-3962

MISC - http://www.securityfocus.com/bid/31941/exploit

BID - 31941

BID - 26505

MILW0RM - 4637


Last Updated: 27 May 2016 10:46:22