Vulnerability Details CVE-2007-0129
SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatID parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/35813
- http://www.vupen.com/english/advisories/2007/0052
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31242
- https://www.exploit-db.com/exploits/3073
- http://osvdb.org/35813
- http://www.vupen.com/english/advisories/2007/0052
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31242
- https://www.exploit-db.com/exploits/3073
Products affected by CVE-2007-0129
-
cpe:2.3:a:locazo:locazolist_classifieds:*