CVE-2007-6670

CVE-2007-6670

EPSS 1.0%

SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://lostmon.blogspot.com/2007/12/xss-flaw-posible-sql-injection-in.html http://osvdb.org/40191 http://secunia.com/advisories/28258 http://www.securityfocus.com/bid/27066