1 results (0.001 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2
CVE-2007-6462 – PHP Real Estate - 'fullnews.php?id' SQL Injection
https://notcve.org/view.php?id=CVE-2007-6462
SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en el fichero fullnews.php de PHP Real Estate Classifieds, Permite que atacantes remotos ejecuten comandos SQL arbitrarios a través del parámetro id. • https://www.exploit-db.com/exploits/4737 http://phprealestatescript.com/PHPREC-121707-646PM-PATCH.zip http://secunia.com/advisories/28119 http://www.securityfocus.com/bid/26888 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •