Vulnerabilities > CVE-2007-3452 - Unspecified vulnerability in Edocstore
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN edocstore
exploit available
Summary
SQL injection vulnerability in essentials/minutes/doc.php in eDocStore allows remote attackers to execute arbitrary SQL commands via the doc_id parameter in an inline action.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | eDocStore (doc.php doc_id) Remote SQL Injection Vulnerability. CVE-2007-3452. Webapps exploit for php platform |
| file | exploits/php/webapps/4108.txt |
| id | EDB-ID:4108 |
| last seen | 2016-01-31 |
| modified | 2007-06-25 |
| platform | php |
| port | |
| published | 2007-06-25 |
| reporter | t0pP8uZz |
| source | https://www.exploit-db.com/download/4108/ |
| title | eDocStore doc.php doc_id Remote SQL Injection Vulnerability |
| type | webapps |
References
- http://osvdb.org/36292
- http://osvdb.org/36292
- http://secunia.com/advisories/25831
- http://secunia.com/advisories/25831
- http://www.vupen.com/english/advisories/2007/2327
- http://www.vupen.com/english/advisories/2007/2327
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35057
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35057
- https://www.exploit-db.com/exploits/4108
- https://www.exploit-db.com/exploits/4108