Vulnerabilities > CVE-2007-4068 - SQL Injection vulnerability in Webyapar 2.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the kat_id parameter to the default URI in a download action or (2) the id parameter to the default URI in a duyurular_detay action.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Webyapar 2.0 Multiple Remote SQL Injection Vulnerabilities. CVE-2007-4068. Webapps exploit for php platform |
file | exploits/php/webapps/4224.txt |
id | EDB-ID:4224 |
last seen | 2016-01-31 |
modified | 2007-07-25 |
platform | php |
port | |
published | 2007-07-25 |
reporter | bypass |
source | https://www.exploit-db.com/download/4224/ |
title | Webyapar 2.0 - Multiple Remote SQL Injection Vulnerabilities |
type | webapps |