Vulnerabilities > CVE-2007-1440 - SQL injection vulnerability in Jgbbs 3.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
jgbbs
exploit available
NVD
Published: 2007-03-13
Updated: 2018-10-16

Summary

SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the author parameter.

Vulnerable Configurations

Part Description Count
Application
Jgbbs
1

Exploit-Db

descriptionJGBBS 3.0beta1 (search.asp author) SQL Injection Exploit. CVE-2007-1440,CVE-2007-1572. Webapps exploit for asp platform
fileexploits/asp/webapps/3470.html
idEDB-ID:3470
last seen2016-01-31
modified2007-03-13
platformasp
port
published2007-03-13
reporterWiLdBoY
sourcehttps://www.exploit-db.com/download/3470/
titleJGBBS 3.0beta1 search.asp author SQL Injection Exploit
typewebapps

References