Vulnerabilities > CVE-2007-1019 - Unspecified vulnerability in Webspell 4.01.02

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
webspell
exploit available
NVD
Published: 2007-02-21
Updated: 2024-11-21

Summary

SQL injection vulnerability in news.php in webSPELL 4.01.02, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388.

Vulnerable Configurations

Part Description Count
Application
Webspell
1

Exploit-Db

descriptionwebSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit. CVE-2007-1019. Webapps exploit for php platform
fileexploits/php/webapps/3325.pl
idEDB-ID:3325
last seen2016-01-31
modified2007-02-16
platformphp
port
published2007-02-16
reporterDNX
sourcehttps://www.exploit-db.com/download/3325/
titlewebSPELL 4.01.02 showonly Remote Blind SQL Injection Exploit
typewebapps

References