Vulnerabilities > CVE-2007-1705 - Unspecified vulnerability in Active Trade Active Trade 2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
active-trade
exploit available
NVD
Published: 2007-03-27
Updated: 2017-10-11

Summary

SQL injection vulnerability in default.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.

Vulnerable Configurations

Part Description Count
Application
Active_Trade
1

Exploit-Db

descriptionActive Trade v 2 (default.asp catid) Remote SQL Injection Vulnerability. CVE-2007-1705. Webapps exploit for asp platform
fileexploits/asp/webapps/3549.txt
idEDB-ID:3549
last seen2016-01-31
modified2007-03-23
platformasp
port
published2007-03-23
reporterCyberGhost
sourcehttps://www.exploit-db.com/download/3549/
titleActive Trade 2 - default.asp catid Remote SQL Injection Vulnerability
typewebapps

References