Vulnerabilities > CVE-2007-4156 - Unspecified vulnerability in Woliocms

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

woliocms

exploit available

NVD

Published: 2007-08-03

Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in wolioCMS allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to member.php in a page action, related to a SELECT statement in common.php; and the (2) loginid parameter (uid variable), and possibly the (3) pwd parameter, to admin/index.php.

Vulnerable Configurations

Part	Description	Count
Application	Woliocms Woliocms Woliocms *	1

Exploit-Db

description	wolioCMS Auth Bypass / Remote SQL Injection Vulnerabilities. CVE-2007-4156. Webapps exploit for php platform
file	exploits/php/webapps/4246.txt
id	EDB-ID:4246
last seen	2016-01-31
modified	2007-07-30
platform	php
port
published	2007-07-30
reporter	k1tk4t
source	https://www.exploit-db.com/download/4246/
title	wolioCMS Auth Bypass / Remote SQL Injection Vulnerabilities
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References