CVE-2007-3214 in CMSinfo

Summary

SQL injection vulnerability in style.php in e-Vision CMS 2.02 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the template parameter.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Reservation

06/14/2007

Disclosure

06/14/2007

Moderation

VulDB entry created

Entries

Relate

show

CPE

ready

CWE

CWE-22 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.01457

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-3214
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3214
CVE Details	https://www.cvedetails.com/cve/CVE-2007-3214/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!