CVE-2007-1909

2007-04-1023:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.197 Low

EPSS

Percentile

96.3%

JSON

SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter.

References

osvdb.org/34747

secunia.com/advisories/24838

www.securityfocus.com/bid/23383

www.vupen.com/english/advisories/2007/1313

www.exploit-db.com/exploits/3691