Vulnerabilities > CVE-2007-1566 - SQL Injection vulnerability in NetVios Portal Page.ASP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
netvios
exploit available

Summary

SQL injection vulnerability in News/page.asp in NetVIOS Portal allows remote attackers to execute arbitrary SQL commands via the NewsID parameter. NOTE: this issue might be the same as CVE-2006-5954.

Vulnerable Configurations

Part Description Count
Application
Netvios
1

Exploit-Db

  • descriptionNetVIOS <= 2.0 (page.asp) Remote SQL Injection Vulnerability. CVE-2006-5954,CVE-2007-1566. Webapps exploit for asp platform
    fileexploits/asp/webapps/2780.txt
    idEDB-ID:2780
    last seen2016-01-31
    modified2006-11-14
    platformasp
    port
    published2006-11-14
    reporterajann
    sourcehttps://www.exploit-db.com/download/2780/
    titleNetVIOS <= 2.0 page.asp Remote SQL Injection Vulnerability
    typewebapps
  • descriptionNetVios Portal (page.asp) Remote SQL Injection Vulnerability. CVE-2006-5954,CVE-2007-1566. Webapps exploit for asp platform
    fileexploits/asp/webapps/3520.txt
    idEDB-ID:3520
    last seen2016-01-31
    modified2007-03-19
    platformasp
    port
    published2007-03-19
    reporterparad0x
    sourcehttps://www.exploit-db.com/download/3520/
    titleNetVios Portal page.asp Remote SQL Injection Vulnerability
    typewebapps