CVE-2007-4112

Multiple SQL injection vulnerabilities in Advanced Webhost Billing System (AWBS) before 2.6.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be leveraged for XSS attacks that "bypass AWBS's anti-XSS input validation."
Configurations

Configuration 1

cpe:2.3:a:advanced_webhost_billing_system:advanced_webhost_billing_system:*:*:*:*:*:*:*:*

Information

Published : 2007-07-31 10:17

Updated : 2017-07-29 01:32


NVD link : CVE-2007-4112

Mitre link : CVE-2007-4112

Products Affected
No products.