Информационная безопасность
[RU] switch to English


CVECVE-2007-0695
СтатусCandidate
ОписаниеMultiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.  NOTE: some sources mention the escape_sqlData, implode_sql, and implode_sqlIn functions, but these are protection schemes, not the vulnerable functions.
Важность
High
CVSS score7,5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
PhaseAssigned (08.09.2011)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0695
ReferencesVIM : 20070203 FLIP SQL injection clarification
 FRSIRT : ADV-2007-0454
 XF : flip-multiple-sql-injection(31902)
 CONFIRM : http://sourceforge.net/project/shownotes.php?relea...
SecurityVulns:Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород