CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-3427

HIGH
7.5
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile5.19th
Published2007年6月27日
Last Modified2026年4月23日

Vulnerability Description

SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a stats action.

Affected Platforms (CPE)

📦
Zoneo Soft

Phptraffica

<= 1.4.2

References & Advisories

🔗 http://osvdb.org/37476
🔗 http://secunia.com/advisories/25773
🔗 http://soft.zoneo.net/phpTrafficA/Files/get.php?phpTrafficA-1.4.3.tgz
🔗 http://www.attrition.org/pipermail/vim/2007-June/001684.html
🔗 http://www.securityfocus.com/archive/1/472211/100/0/threaded
🔗 http://www.vupen.com/english/advisories/2007/2311
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/35012
🔗 https://www.exploit-db.com/exploits/4100

相關漏洞威脅

CVE-2007-364710.0

The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and...

CVE-2014-83407.5

SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows remote attackers to execute ar...

CVE-2007-10767.5

Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitra...

CVE-2007-34287.5

Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow remote attackers to have an unknown impact via the file par...