Vulnerabilities > CVE-2007-1293 - SQL injection vulnerability in Rigter Portal System Rigter Portal System 6.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI (index.php), possibly related to ver_descarga.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Rigter Portal System (RPS) 6.2 Remote Blind SQL Injection Exploit. CVE-2007-1293. Webapps exploit for php platform |
file | exploits/php/webapps/3403.php |
id | EDB-ID:3403 |
last seen | 2016-01-31 |
modified | 2007-03-04 |
platform | php |
port | |
published | 2007-03-04 |
reporter | s0cratex |
source | https://www.exploit-db.com/download/3403/ |
title | Rigter Portal System RPS 6.2 - Remote Blind SQL Injection Exploit |
type | webapps |
References
- http://osvdb.org/33831
- http://secunia.com/advisories/24382
- http://www.securityfocus.com/archive/1/462146/100/0/threaded
- http://www.securityfocus.com/bid/22813
- http://www.vupen.com/english/advisories/2007/0813
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32784
- https://www.exploit-db.com/exploits/3403