Vulnerabilities > CVE-2007-1293 - SQL injection vulnerability in Rigter Portal System Rigter Portal System 6.2

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
rigter-portal-system
exploit available
NVD
Published: 2007-03-07
Updated: 2018-10-16

Summary

SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI (index.php), possibly related to ver_descarga.php.

Vulnerable Configurations

Part Description Count
Application
Rigter_Portal_System
1

Exploit-Db

descriptionRigter Portal System (RPS) 6.2 Remote Blind SQL Injection Exploit. CVE-2007-1293. Webapps exploit for php platform
fileexploits/php/webapps/3403.php
idEDB-ID:3403
last seen2016-01-31
modified2007-03-04
platformphp
port
published2007-03-04
reporters0cratex
sourcehttps://www.exploit-db.com/download/3403/
titleRigter Portal System RPS 6.2 - Remote Blind SQL Injection Exploit
typewebapps

References