Vulnerabilities > CVE-2007-4183 - SQL Injection vulnerability in PHP Arena paBugs

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
php-arena
exploit available

Summary

SQL injection vulnerability in main.php in paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.

Vulnerable Configurations

Part Description Count
Application
Php_Arena
1

Exploit-Db

descriptionpaBugs <= 2.0 Beta 3 (main.php cid) Remote SQL Injection Exploit. CVE-2007-4183. Webapps exploit for php platform
fileexploits/php/webapps/4253.pl
idEDB-ID:4253
last seen2016-01-31
modified2007-08-02
platformphp
port
published2007-08-02
reporteruimp
sourcehttps://www.exploit-db.com/download/4253/
titlepaBugs <= 2.0 Beta 3 main.php cid Remote SQL Injection Exploit
typewebapps