Vulnerabilities > CVE-2007-3197 - SQL-Injection vulnerability in Vbsupport Integrated Ticket System

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

jelsoft

NVD

Published: 2007-06-12

Updated: 2008-11-15

Summary

SQL injection vulnerability in vBSupport.php in vBSupport 1.1 before 1.1a allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Jelsoft Jelsoft Vbsupport Integrated Ticket System *	1

References

http://osvdb.org/37162
http://www.vbulletin.org/forum/showthread.php?t=94023&page=38