Описание
SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly related to improper input validation of the PATH_INFO (PHP_SELF) by virtuemart_parser.php.
SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly related to improper input validation of the PATH_INFO (PHP_SELF) by virtuemart_parser.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-3247
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34879
- http://osvdb.org/36889
- http://secunia.com/advisories/25698
- http://sourceforge.net/project/shownotes.php?release_id=516206
- http://virtuemart.net/index.php?option=com_content&task=view&id=250&Itemid=57
- http://www.securityfocus.com/bid/24485
- http://www.vupen.com/english/advisories/2007/2217
EPSS
Процентиль: 72%
0.00735
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly related to improper input validation of the PATH_INFO (PHP_SELF) by virtuemart_parser.php.
EPSS
Процентиль: 72%
0.00735
Низкий