CVE-2007-0202 Information

Feb 14, 2021 cve

Description

SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier when magic_quotes_gpc is disabled allows remote attackers to execute arbitrary SQL commands via the lang parameter.

Reference

http://acid-root.new.fr/poc/20070107.txt http://osvdb.org/31707 http://secunia.com/advisories/23637 http://securityreason.com/securityalert/2135 http://www.securityfocus.com/archive/1/456218/100/0/threaded http://www.securityfocus.com/bid/21926 http://www.vupen.com/english/advisories/2007/0137 https://exchange.xforce.ibmcloud.com/vulnerabilities/31393 https://www.exploit-db.com/exploits/3103

Share on: