CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2007-3884 – husrevforum 1.0.1/2.0.1 - 'Philboard_forum.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2007-3884
SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected. Una vulnerabilidad de inyección SQL en el archivo philboard_forum.asp en husrevforum versión 1.0.1, permite a atacantes remotos ejecutar comandos SQL arbitrarios por medio del parámetro forumid. NOTA: más tarde se reportó que la versión 2.0.1 también está afectada. • https://www.exploit-db.com/exploits/30316 http://secunia.com/advisories/26089 http://secunia.com/advisories/26736 http://www.osvdb.org/38185 http://www.securityfocus.com/archive/1/478974/100/0/threaded http://www.securityfocus.com/bid/24928 http://www.vupen.com/english/advisories/2007/2557 http://yollubunlar.org/husrev-forums-v201powerboard-sql-injection-exploit-3503.html https://exchange.xforce.ibmcloud.com/vulnerabilities/35443 https://exchange.xforce.ibmcloud.com/vulnerabilities/36530 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-7161
https://notcve.org/view.php?id=CVE-2006-7161
SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter. Vulnerabilidad de inyección SQL en el giris_yap.asp del Hazir Site 2.0 permite a atacantes remotos evitar la autenticación a través de los parámetros 1) k_a class o (2) sifre. • http://securityreason.com/securityalert/2374 http://www.securityfocus.com/archive/1/447829/100/0/threaded http://www.securityfocus.com/bid/20375 https://exchange.xforce.ibmcloud.com/vulnerabilities/29371 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2006-6337 – Aspee Ziyaretci Defteri - 'giris.asp' Multiple Field SQL Injections
https://notcve.org/view.php?id=CVE-2006-6337
Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. Múltiples vulnerabilidades de inyección SQL en giris.asp de Aspee y Dogantepe Ziyaretci Defteri permiten a atacantes remotos ejecutar comandos SQL de su elección mediante los parámetros (1) kullanici y (2) parola. • https://www.exploit-db.com/exploits/29216 http://secunia.com/advisories/23291 http://www.securityfocus.com/archive/1/453234/100/0/threaded http://www.securityfocus.com/archive/1/454589/100/0/threaded http://www.securityfocus.com/bid/21398 http://www.securityfocus.com/bid/21627 http://www.vupen.com/english/advisories/2006/4825 https://exchange.xforce.ibmcloud.com/vulnerabilities/30919 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2006-5023 – xweblog 2.1 - 'kategori.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2006-5023
SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter. Vulnerabilidad de inyección SQL en kategori.asp en xweblog 2.1 y anteriores permite a un atacante remoto ejecutar comandos SQL de su elección a través del parámetro kategori. • https://www.exploit-db.com/exploits/2416 http://secunia.com/advisories/22052 http://www.securityfocus.com/bid/20145 http://www.vupen.com/english/advisories/2006/3762 https://exchange.xforce.ibmcloud.com/vulnerabilities/29103 •