Vulnerability Details CVE-2007-4835
SQL injection vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/36947
- http://secunia.com/advisories/26762
- http://securityreason.com/securityalert/3120
- http://www.securityfocus.com/archive/1/478967/100/0/threaded
- http://www.securityfocus.com/bid/25615
- http://yollubunlar.org/phpmyquote-020-version-multiple-sql-and-xss-vulnerabilities-3501.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36514
- http://osvdb.org/36947
- http://secunia.com/advisories/26762
- http://securityreason.com/securityalert/3120
- http://www.securityfocus.com/archive/1/478967/100/0/threaded
- http://www.securityfocus.com/bid/25615
- http://yollubunlar.org/phpmyquote-020-version-multiple-sql-and-xss-vulnerabilities-3501.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36514
Products affected by CVE-2007-4835
-
cpe:2.3:a:phpmyquote:phpmyquote:0.20