Vulnerabilities > CVE-2007-4068 - Unspecified vulnerability in Webyapar 2.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN webyapar
exploit available
Summary
Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the kat_id parameter to the default URI in a download action or (2) the id parameter to the default URI in a duyurular_detay action.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Webyapar 2.0 Multiple Remote SQL Injection Vulnerabilities. CVE-2007-4068. Webapps exploit for php platform |
| file | exploits/php/webapps/4224.txt |
| id | EDB-ID:4224 |
| last seen | 2016-01-31 |
| modified | 2007-07-25 |
| platform | php |
| port | |
| published | 2007-07-25 |
| reporter | bypass |
| source | https://www.exploit-db.com/download/4224/ |
| title | Webyapar 2.0 - Multiple Remote SQL Injection Vulnerabilities |
| type | webapps |
References
- http://osvdb.org/37131
- http://osvdb.org/37131
- http://osvdb.org/37132
- http://osvdb.org/37132
- http://www.securityfocus.com/bid/25061
- http://www.securityfocus.com/bid/25061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35603
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35603
- https://www.exploit-db.com/exploits/4224
- https://www.exploit-db.com/exploits/4224