← back
CVE-2007-3301

CVE-2007-3301

EPSS 1.0%
SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap CVE-2007-3273.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/30202unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/38475http://secunia.com/advisories/25707https://exchange.xforce.ibmcloud.com/vulnerabilities/34939http://www.securityfocus.com/archive/1/471726/100/0/threadedhttp://www.securityfocus.com/bid/24528