PT-2007-3316 · Unknown · Gazi Okul Sitesi 2007

Conqueror

Published

2007-04-11

Updated

2018-10-16

CVE-2007-1971

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Gazi Okul Sitesi 2007

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by injecting malicious SQL code into the query string of the fotokategori.asp page.

Recommendations For Gazi Okul Sitesi 2007, consider validating and sanitizing user input to prevent SQL injection attacks. As a temporary workaround, restrict access to the fotokategori.asp page until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-1971

Affected Products

Gazi Okul Sitesi 2007

PT-2007-3316 · Unknown · Gazi Okul Sitesi 2007

CVE-2007-1971

Related Identifiers

Affected Products

References · 6