CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-1016

HIGH
7.5
CVSS Severity Score
EPSS Score0.0770%
EPSS Percentile38.15th
Published2007年2月21日
Last Modified2026年4月23日

Vulnerability Description

SQL injection vulnerability in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL commands via certain vectors related to the HaberDetay.asp and rss.asp components, and the id and kid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: the combination of the HaberDetay.asp component and the id parameter is already covered by another February 2007 CVE candidate.

Affected Platforms (CPE)

📦
Aktueldownload

Aktueldownload Haber Script

All versions

References & Advisories

🔗 http://www.vupen.com/english/advisories/2007/0620
🔗 http://www.vupen.com/english/advisories/2007/0620

相关漏洞威胁

CVE-2007-101510.0

SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL comm...

CVE-2007-107010.0

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 ...

CVE-2007-103910.0

Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 and earlier has unknown impact and attack vectors.

CVE-2007-104510.0

mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"sdfg", which allows remote atta...