← back
CVE-2007-6078

CVE-2007-6078

EPSS 1.3%
Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/4638unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/38595https://www.exploit-db.com/exploits/4638http://www.kb.cert.org/vuls/id/315107http://www.securityfocus.com/bid/26504