Vulnerabilities > CVE-2007-3000 - Unspecified vulnerability in PHP Jackknife PHP Jackknife 2.21
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN php-jackknife
exploit available
Summary
Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers to execute arbitrary SQL commands via (1) the iCategoryUnq parameter to G_Display.php or (2) the iSearchID parameter to Search/DisplayResults.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description PHP JackKnife 2.21 (PHPJK) Search/DisplayResults.php iSearchID Parameter SQL Injection. CVE-2007-3000. Webapps exploit for php platform id EDB-ID:30113 last seen 2016-02-03 modified 2007-05-31 published 2007-05-31 reporter laurent gaffie source https://www.exploit-db.com/download/30113/ title PHP JackKnife 2.21 PHPJK Search/DisplayResults.php iSearchID Parameter SQL Injection description PHP JackKnife 2.21 (PHPJK) G_Display.php iCategoryUnq Parameter SQL Injection. CVE-2007-3000. Webapps exploit for php platform id EDB-ID:30112 last seen 2016-02-03 modified 2007-05-31 published 2007-05-31 reporter laurent gaffie source https://www.exploit-db.com/download/30112/ title PHP JackKnife 2.21 PHPJK G_Display.php iCategoryUnq Parameter SQL Injection
References
- http://osvdb.org/36318
- http://osvdb.org/36318
- http://osvdb.org/36319
- http://osvdb.org/36319
- http://secunia.com/advisories/25487
- http://secunia.com/advisories/25487
- http://securityreason.com/securityalert/2768
- http://securityreason.com/securityalert/2768
- http://www.securityfocus.com/archive/1/470111/100/0/threaded
- http://www.securityfocus.com/archive/1/470111/100/0/threaded
- http://www.securityfocus.com/bid/24253
- http://www.securityfocus.com/bid/24253
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34641
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34641