Vulnerabilities > CVE-2007-4111 - SQL Injection vulnerability in Real Estate Listing Website Application Template Login Dialog

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
codewidgets
exploit available
NVD
Published: 2007-07-31
Updated: 2018-10-15

Summary

SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter.

Vulnerable Configurations

Part Description Count
Application
Codewidgets
1

Exploit-Db

descriptionReal Estate Listing Website Application Template Login Dialog SQL Injection Vulnerability. CVE-2007-4111. Webapps exploit for asp platform
idEDB-ID:30428
last seen2016-02-03
modified2007-07-28
published2007-07-28
reporterAria-Security Team
sourcehttps://www.exploit-db.com/download/30428/
titleReal Estate Listing Website Application Template Login Dialog SQL Injection Vulnerability

References