CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-5490 – Okul Otomasyon Portal 2.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2007-5490
SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en default.asp en Okul Otomasyon Portal 2.0 permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id. • https://www.exploit-db.com/exploits/4539 http://secunia.com/advisories/27268 http://www.securityfocus.com/bid/26094 https://exchange.xforce.ibmcloud.com/vulnerabilities/37237 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 5%CPEs: 1EXPL: 1CVE-2007-1514 – Viper Web Portal 0.1 - 'index.php' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-1514
PHP remote file inclusion vulnerability in index.php in ViperWeb Portal alpha 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the modpath parameter. Vulnerabilidad PHP de inclusión remota de archivo en index.php en ViperWeb Portal alpha 0.1 permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro modpath. • https://www.exploit-db.com/exploits/29744 http://osvdb.org/34310 http://securityreason.com/securityalert/2449 http://www.securityfocus.com/archive/1/462930/100/0/threaded http://www.securityfocus.com/bid/22979 https://exchange.xforce.ibmcloud.com/vulnerabilities/33034 •