← back
CVE-2007-4056

CVE-2007-4056

EPSS 1.0%
SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. NOTE: the original report indicated that this was the "photo" SourceForge project (aka Maan Bsat Photo Collection), but that was incorrect.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/4238unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/35683https://www.exploit-db.com/exploits/4238http://www.attrition.org/pipermail/vim/2007-July/001728.htmlhttp://www.securityfocus.com/bid/25135http://www.vupen.com/english/advisories/2007/2695