Vulnerabilities > CVE-2007-3809 - SQL Injection vulnerability in Prozilla Directory.PHP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
prozilla
exploit available

Summary

Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Prozilla
1

Exploit-Db

descriptionProzilla Directory Script (directory.php cat_id) SQL Injection Vulnerbility. CVE-2007-3809. Webapps exploit for php platform
fileexploits/php/webapps/4185.txt
idEDB-ID:4185
last seen2016-01-31
modified2007-07-14
platformphp
port
published2007-07-14
reportert0pP8uZz
sourcehttps://www.exploit-db.com/download/4185/
titleProzilla Directory Script - directory.php cat_id SQL Injection Vulnerbility
typewebapps