CVE-2007-3250

SQL injection vulnerability in mod_banners.php in Elxis CMS before 2006.4 20070613 allows remote attackers to execute arbitrary SQL commands via the mb_tracker cookie. NOTE: the product was patched without updating the version number; later downloads of 2006.4 are not affected.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:elxis:elxis_cms:2006.1:*:*:*:*:*:*:*
cpe:2.3:a:elxis:elxis_cms:2006.2:*:*:*:*:*:*:*
cpe:2.3:a:elxis:elxis_cms:2006.3:*:*:*:*:*:*:*
cpe:2.3:a:elxis:elxis_cms:2006.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-06-18 10:30

Updated : 2024-02-04 17:13


NVD link : CVE-2007-3250

Mitre link : CVE-2007-3250

CVE.ORG link : CVE-2007-3250


JSON object : View

Products Affected

elxis

  • elxis_cms