Vulnerabilities > CVE-2007-2675 - SQL Injection vulnerability in PRE Projects PRE Classifieds Listings 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Pre Classifieds Listings 1.0 Remote SQL Injection Vulnerability. CVE-2007-2675. Webapps exploit for php platform file exploits/php/webapps/3840.txt id EDB-ID:3840 last seen 2016-01-31 modified 2007-05-03 platform php port published 2007-05-03 reporter Mehmet Ince source https://www.exploit-db.com/download/3840/ title Pre Classifieds Listings 1.0 - Remote SQL Injection Vulnerability type webapps description ASP Classifieds SQL Injection. CVE-2007-2675. Webapps exploit for php platform id EDB-ID:18613 last seen 2016-02-02 modified 2012-03-17 published 2012-03-17 reporter r45c4l source https://www.exploit-db.com/download/18613/ title ASP Classifieds SQL Injection
References
- http://osvdb.org/35597
- http://secunia.com/advisories/25144
- http://www.securityfocus.com/bid/23795
- http://www.securityfocus.com/bid/52543
- http://www.securityfocus.com/bid/52543/exploit
- http://www.vupen.com/english/advisories/2007/1655
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34037
- https://www.exploit-db.com/exploits/3840