Vulnerability Details CVE-2007-3175
Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/37466
- http://osvdb.org/37467
- http://pridels-team.blogspot.com/2007/05/w2b-online-banking-vuln.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34593
- http://osvdb.org/37466
- http://osvdb.org/37467
- http://pridels-team.blogspot.com/2007/05/w2b-online-banking-vuln.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34593
Products affected by CVE-2007-3175
-
cpe:2.3:a:w2b:online_banking:*