Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6128

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6128
Last Modified 07 Mar 2011 10:01:49
Published 26 Nov 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6128

Summary

SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote attackers to execute arbitrary SQL commands via the idevent parameter.

Vulnerable Systems

Application

  • Flor De Utopia Workingonweb 2.0.1400


References

VUPEN - ADV-2007-3998

BID - 26563

MILW0RM - 4653

XF - workingonweb-events-sql-injection(38612)


Last Updated: 27 May 2016 10:46:24