CyberSec.Space Logo
Back to CVE Browser

CVE-2007-4171

HIGH
7.5
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile31.55th
PublishedAug 7, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in komentar.php in the Forum Module for auraCMS (Modul Forum Sederhana) allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Auracms

Modul Forum Sederhana

All versions

References & Advisories

πŸ”— http://osvdb.org/36432
πŸ”— http://secunia.com/advisories/26332
πŸ”— http://www.securityfocus.com/archive/1/475645/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/25202
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/35814
πŸ”— https://www.exploit-db.com/exploits/4254
πŸ”— http://osvdb.org/36432
πŸ”— http://secunia.com/advisories/26332

Related Vulnerabilities

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-182310.0

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling N...