PT-2007-5785 · Abc · Abc Estore

K1Tk4T

Published

2007-08-31

Updated

2017-09-29

CVE-2007-4627

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions ABC eStore version 3.0

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. The issue is related to the cat id parameter in the "index.php" file.

Recommendations For ABC eStore version 3.0, consider restricting access to the cat id parameter in the "index.php" file until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-4627

Affected Products

Abc Estore

PT-2007-5785 · Abc · Abc Estore

CVE-2007-4627

Related Identifiers

Affected Products

References · 6