Sql injection

2007-11-2719:46:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.8%

JSON

Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) emlak_detay.asp and (b) haber_detay.asp, the (2) kategori parameter to © kategorisirala.asp, and the (3) tip parameter to (d) tipsirala.asp.

CPENameOperatorVersion
dora_emlakeq2.0

CPE	Name	Operator	Version
	dora_emlak	eq	2.0

References

osvdb.org/38820

osvdb.org/38821

osvdb.org/38822

secunia.com/advisories/27812

www.packetstormsecurity.org/0711-exploits/dora-sql.txt

www.securityfocus.com/bid/26574

www.vupen.com/english/advisories/2007/4000

exchange.xforce.ibmcloud.com/vulnerabilities/38634