Vulnerability Description
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Simple Invoices | Simple Invoices | 2007-05-25 |
References
- http://osvdb.org/36293
- http://secunia.com/advisories/25789
- http://www.securityfocus.com/bid/24601Exploit
- http://www.vupen.com/english/advisories/2007/2310
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35021
- https://www.exploit-db.com/exploits/4098
- http://osvdb.org/36293
- http://secunia.com/advisories/25789
- http://www.securityfocus.com/bid/24601Exploit
- http://www.vupen.com/english/advisories/2007/2310
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35021
- https://www.exploit-db.com/exploits/4098
FAQ
What is CVE-2007-3430?
CVE-2007-3430 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action.
How severe is CVE-2007-3430?
CVE-2007-3430 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3430?
Check the references section above for vendor advisories and patch information. Affected products include: Simple Invoices Simple Invoices.