CVE-2007-3687

2007-07-11T17:30:00
ID CVE-2007-3687
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:29:00

Description

SQL injection vulnerability in inferno.php in the Inferno Technologies RPG Inferno 2.4 and earlier, a vBulletin module, allows remote authenticated attackers to execute arbitrary SQL commands via the id parameter in a ScanMember do action.