Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6663

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6663
Last Modified 05 Aug 2011 12:00:00
Published 04 Jan 2008 06:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6663

Summary

SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php.

Vulnerable Systems

Application

  • Pragmatic Utopia Pu Arcade 2.0.3

  • Pragmatic Utopia Pu Arcade 2.1.2

  • Pragmatic Utopia Pu Arcade 2.1.3

  • Pragmatic Utopia Pu Arcade 2.1.3 Beta


References

XF - joomlacomponentpuarcade-index-sql-injection(39332)

VUPEN - ADV-2008-0052

BID - 27089

CONFIRM - http://www.pragmaticutopia.com/index2.php?option=com_content&do_pdf=1&id=224

CONFIRM - http://www.pragmaticutopia.com/index.php?option=com_fireboard&Itemid=121&func=view&id=4407&catid=2#4408

CONFIRM - http://www.pragmaticutopia.com/

MILW0RM - 4827

SECUNIA - 28295

OSVDB - 39886

OSVDB - 39787

XF - puarcade-index-sql-injection(39332)


Last Updated: 27 May 2016 10:57:52