Описание
Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header.
Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2537
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34109
- http://osvdb.org/36195
- http://securityreason.com/securityalert/2670
- http://www.aeroxteam.fr/exploit-NPDS-5.10.txt
- http://www.securityfocus.com/archive/1/467696/100/0/threaded
- http://www.securityfocus.com/bid/23831
EPSS
Процентиль: 72%
0.0074
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header.
EPSS
Процентиль: 72%
0.0074
Низкий