CVE-2007-0093 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

SQL injection vulnerability in page.php in Simple Web Content Management System allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Cms-Center	Simple Web Cms	All versions

References

http://acid-root.new.fr/poc/18070102.txtExploit
http://osvdb.org/31657
http://secunia.com/advisories/23590
http://securityreason.com/securityalert/2106
http://www.securityfocus.com/archive/1/455814/100/0/threaded
http://www.vupen.com/english/advisories/2007/0040
https://exchange.xforce.ibmcloud.com/vulnerabilities/31261
https://www.exploit-db.com/exploits/3076
http://acid-root.new.fr/poc/18070102.txtExploit
http://osvdb.org/31657
http://secunia.com/advisories/23590
http://securityreason.com/securityalert/2106
http://www.securityfocus.com/archive/1/455814/100/0/threaded
http://www.vupen.com/english/advisories/2007/0040
https://exchange.xforce.ibmcloud.com/vulnerabilities/31261

FAQ

What is CVE-2007-0093?

CVE-2007-0093 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in page.php in Simple Web Content Management System allows remote attackers to execute arbitrary SQL commands via the id parameter.

How severe is CVE-2007-0093?

CVE-2007-0093 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-0093?

Check the references section above for vendor advisories and patch information. Affected products include: Cms-Center Simple Web Cms.