Vulnerabilities > CVE-2007-0765 - SQL Injection vulnerability in Curium CMS News.PHP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
db-masters-multimedia
exploit available

Summary

SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and earlier allows remote attackers to execute arbitrary SQL commands via the c_id parameter.

Vulnerable Configurations

Part Description Count
Application
Db_Masters_Multimedia
1

Exploit-Db

descriptiondB Masters Curium CMS <= 1.03 (c_id) Remote SQL Injection Vulnerability. CVE-2007-0765. Webapps exploit for php platform
fileexploits/php/webapps/3256.txt
idEDB-ID:3256
last seen2016-01-31
modified2007-02-02
platformphp
port
published2007-02-02
reporterajann
sourcehttps://www.exploit-db.com/download/3256/
titledB Masters Curium CMS <= 1.03 c_id Remote SQL Injection Vulnerability
typewebapps