CVE-2007-4456 in Mamboinfo

Summary

SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

08/21/2007

Disclosure

08/21/2007

Moderation

VulDB entry created

Entries

1: VDB-38446

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.00756

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-4456
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4456
CVE Details	https://www.cvedetails.com/cve/CVE-2007-4456/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!