Vulnerabilities > CVE-2007-3684 - Input Validation vulnerability in Unobtrusive AJAX Star Rating Bar

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
masuga-design

Summary

Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php.

Vulnerable Configurations

Part Description Count
Application
Masuga_Design
1