Vulnerabilities > CVE-2007-3178 - SQL Injection vulnerability in Zindizayn Okul web Sistemi Zindizayn Okul web Sistemi 1.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

zindizayn-okul-web-sistemi

NVD

Published: 2007-06-11

Updated: 2018-10-16

Summary

Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) pass parameter to (a) mezungiris.asp or (b) ogretmenkontrol.asp.

Vulnerable Configurations

Part	Description	Count
Application	Zindizayn_Okul_Web_Sistemi Zindizayn Okul WEB Sistemi Zindizayn Okul WEB Sistemi 1.0	1

References

http://osvdb.org/38348
http://osvdb.org/38349
http://securityreason.com/securityalert/2798
http://www.securityfocus.com/archive/1/469710/100/0/threaded
http://www.securityfocus.com/bid/24174
https://exchange.xforce.ibmcloud.com/vulnerabilities/34559