ByteOS Network

NVD Vulnerability Details :

CVE-2007-5180

Modified

Source-cve@mitre.org

Published At-03 Oct, 2007 | 14:17

Updated At-29 Jul, 2017 | 01:33

Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow remote attackers to execute arbitrary SQL commands via the (1) Kategori parameter in satilik.asp and the (2) Emlak parameter in detay.asp.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

ohesa_emlak_portali>>ohesa_emlak_portali>>*

cpe:2.3:a:ohesa_emlak_portali:ohesa_emlak_portali:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-89	Primary	nvd@nist.gov

CWE ID: CWE-89

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://osvdb.org/37407	cve@mitre.org	N/A
http://osvdb.org/37408	cve@mitre.org	N/A
http://packetstormsecurity.org/0709-exploits/ohesa-sql.txt	cve@mitre.org	N/A
http://secunia.com/advisories/27033	cve@mitre.org	Vendor Advisory
http://www.securityfocus.com/bid/25880	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/3319	cve@mitre.org	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/36877	cve@mitre.org	N/A