Vulnerability Description
SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZD-00000008. this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mkportal | Mkportal | 1.1.1 |
Related Weaknesses (CWE)
References
- http://lists.immunitysec.com/pipermail/dailydave/2007-July/004448.html
- http://osvdb.org/45801
- http://www.securityfocus.com/bid/24783
- http://www.wslabi.com/wabisabilabi/initPublishedBid.do?
- http://lists.immunitysec.com/pipermail/dailydave/2007-July/004448.html
- http://osvdb.org/45801
- http://www.securityfocus.com/bid/24783
- http://www.wslabi.com/wabisabilabi/initPublishedBid.do?
FAQ
What is CVE-2007-3637?
CVE-2007-3637 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZD-00000008. this information is based upon a vague advisory by a ...
How severe is CVE-2007-3637?
CVE-2007-3637 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3637?
Check the references section above for vendor advisories and patch information. Affected products include: Mkportal Mkportal.