Vulnerabilities > CVE-2007-2810 - SQL Injection vulnerability in Gazi Download Portal Down_Indir.ASP

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
gazi-download-portal
critical
exploit available
NVD
Published: 2007-05-22
Updated: 2017-07-29

Summary

SQL injection vulnerability in down_indir.asp in Gazi Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Gazi_Download_Portal
1

Exploit-Db

descriptionGazi Download Portal Down_Indir.ASP SQL Injection Vulnerability. CVE-2007-2810 . Webapps exploit for asp platform
idEDB-ID:29933
last seen2016-02-03
modified2007-04-30
published2007-04-30
reporterertuqrul
sourcehttps://www.exploit-db.com/download/29933/
titleGazi Download Portal Down_Indir.ASP SQL Injection Vulnerability

References