Vulnerabilities > CVE-2007-4085 - SQL-Injection vulnerability in AskMe Pro
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | AskMe Pro 2.1 (que_id) SQL Injection Vulnerability. CVE-2007-4085. Webapps exploit for php platform |
id | EDB-ID:12372 |
last seen | 2016-02-01 |
modified | 2010-04-24 |
published | 2010-04-24 |
reporter | v3n0m |
source | https://www.exploit-db.com/download/12372/ |
title | AskMe Pro 2.1 que_id SQL Injection Vulnerability |