CVE-2007-6583

SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter.

Published : 2007-12-28 21:46 Updated : 2017-09-29 01:30

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
1024 Cms 1024 Cms 1.3.1 cpe:/a:1024_cms:1024_cms:1.3.1
  1. 1024 Cms (1) Search CVE
    1. 1024 Cms (1) Search CVE
      1. 1.3.1

CWE

ID Name Description Links
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. CVE

Reference

History of changes

Date Event
2017-09-29 05:35
2007-12-28 21:46

New CVE