Vulnerabilities > CVE-2007-3430 - Unspecified vulnerability in Simple Invoices Simple Invoices 20070525
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN simple-invoices
exploit available
Summary
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Simple Invoices 2007 05 25 (index.php submit) SQL Injection Exploit. CVE-2007-3430. Webapps exploit for php platform |
| file | exploits/php/webapps/4098.php |
| id | EDB-ID:4098 |
| last seen | 2016-01-31 |
| modified | 2007-06-24 |
| platform | php |
| port | |
| published | 2007-06-24 |
| reporter | Kacper |
| source | https://www.exploit-db.com/download/4098/ |
| title | Simple Invoices 2007 05 25 index.php submit SQL Injection Exploit |
| type | webapps |
References
- http://osvdb.org/36293
- http://osvdb.org/36293
- http://secunia.com/advisories/25789
- http://secunia.com/advisories/25789
- http://www.securityfocus.com/bid/24601
- http://www.securityfocus.com/bid/24601
- http://www.vupen.com/english/advisories/2007/2310
- http://www.vupen.com/english/advisories/2007/2310
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35021
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35021
- https://www.exploit-db.com/exploits/4098
- https://www.exploit-db.com/exploits/4098