CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-0492

HIGH
7.5
CVSS Severity Score
EPSS Score0.1570%
EPSS Percentile4.37th
Published2007年1月25日
Last Modified2026年4月23日

Vulnerability Description

Multiple SQL injection vulnerabilities in gallery.php in webSPELL 4.01.02 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) galleryID parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

📦
Webspell

Webspell

<= 4.01.02

References & Advisories

🔗 http://www.vupen.com/english/advisories/2007/0270
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/31632
🔗 http://www.vupen.com/english/advisories/2007/0270
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/31632

相关漏洞威胁

CVE-2007-116010.0

webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vuln...

CVE-2007-05027.5

SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the p...

CVE-2006-07287.5

SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to inject arbitrary SQL commands...

CVE-2006-53887.5

SQL injection vulnerability in index.php in WebSPELL 4.01.01 and earlier allows remote attackers to execute arbitrary SQL commands...