CVE-2007-1122

Loading...

General

Score:6.4/10.0
Severity:Medium
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 27/02/07 - Updated on 08/03/11

Description

Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 and 1.01 allow remote attackers to execute arbitrary SQL commands via the id parameter to the (1) updateRow and (2) deleteRow functions in functions.php, a variant of a SQL injection issue that was fixed in 1.01. NOTE: some of these details are obtained from third party information.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2007-1122

Exploits

SecurityFocusBID-22685

Relative technologies

VendorProduct
zephyrsoft_toolboxaddress_book_continued

Share this vulnerability with:

Twitter Facebook LinkedIn Mail