CVE-2007-0688

Properties

Published:
01.02.2007
Updated:
27.02.2008
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product:
Hunkaray Duyuru: Scripti

Vulnerability description

SQL injection vulnerability in oku.asp in Hunkaray Duyuru Scripti allows remote attackers to execute arbitrary SQL commands via the id parameter.

References:

http://www.milw0rm.com/exploits/3241: http://www.milw0rm.com/exploits/3241
MILW0RM: http://milw0rm.com/exploits/3241
FRSIRT: http://www.frsirt.com/english/advisories/2007/0446
XF: http://xforce.iss.net/xforce/xfdb/32042
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/470744/100/0/threaded
BID: http://www.securityfocus.com/bid/24367
SECUNIA: http://secunia.com/advisories/25581