Vulnerabilities > CVE-2007-4110 - Unspecified vulnerability in Codewidgets Threaded Discussion Forum Application
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN codewidgets
exploit available
Summary
SQL injection vulnerability in sign_in.aspx in Message Board / Threaded Discussion Forum Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Message Board / Threaded Discussion Forum Sign_In.ASPX SQL Injection Vulnerability. CVE-2007-4110. Webapps exploit for asp platform |
| id | EDB-ID:30426 |
| last seen | 2016-02-03 |
| modified | 2007-07-28 |
| published | 2007-07-28 |
| reporter | Aria-Security Team |
| source | https://www.exploit-db.com/download/30426/ |
| title | Message Board / Threaded Discussion Forum Sign_In.ASPX SQL Injection Vulnerability |
References
- http://outlaw.aria-security.info/?p=10
- http://outlaw.aria-security.info/?p=10
- http://secunia.com/advisories/26245
- http://secunia.com/advisories/26245
- http://securityreason.com/securityalert/2936
- http://securityreason.com/securityalert/2936
- http://www.securityfocus.com/archive/1/474937/100/0/threaded
- http://www.securityfocus.com/archive/1/474937/100/0/threaded
- http://www.securityfocus.com/bid/25113
- http://www.securityfocus.com/bid/25113
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35661
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35661