Vulnerabilities > CVE-2007-0133 - SQL-Injection vulnerability in iG Shop
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | iG Shop 1.0 (eval/sql injection) Multiple Remote Vulnerabilities. CVE-2007-0132,CVE-2007-0133,CVE-2007-0134. Webapps exploit for php platform |
file | exploits/php/webapps/3083.txt |
id | EDB-ID:3083 |
last seen | 2016-01-31 |
modified | 2007-01-05 |
platform | php |
port | |
published | 2007-01-05 |
reporter | Michael Brooks |
source | https://www.exploit-db.com/download/3083/ |
title | ig shop 1.0 eval/SQL Injection Multiple Vulnerabilities |
type | webapps |