Vulnerabilities > CVE-2007-1021 - SQL Injection vulnerability in Xfairguy Codeavalanche News 1.X
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News 1.x allows remote attackers to execute arbitrary SQL commands via the CAT_ID parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability. CVE-2007-1021. Webapps exploit for asp platform |
file | exploits/asp/webapps/3317.txt |
id | EDB-ID:3317 |
last seen | 2016-01-31 |
modified | 2007-02-15 |
platform | asp |
port | |
published | 2007-02-15 |
reporter | beks |
source | https://www.exploit-db.com/download/3317/ |
title | CodeAvalanche News 1.x CAT_ID Remote SQL Injection Vulnerability |
type | webapps |