Vulnerability Details CVE-2007-3987
SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote attackers to execute arbitrary SQL commands via the SearchWord parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/36277
- http://outlaw.aria-security.info/?p=7
- http://secunia.com/advisories/26169
- http://securityreason.com/securityalert/2925
- http://www.securityfocus.com/archive/1/474419/100/0/threaded
- http://www.securityfocus.com/bid/25010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35537
- http://osvdb.org/36277
- http://outlaw.aria-security.info/?p=7
- http://secunia.com/advisories/26169
- http://securityreason.com/securityalert/2925
- http://www.securityfocus.com/archive/1/474419/100/0/threaded
- http://www.securityfocus.com/bid/25010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35537
Products affected by CVE-2007-3987
-
cpe:2.3:a:junction_quest:image_racer:1.0