• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

Kalptaru Infotech

CVE-2008-7075

February 26, 2023 by

Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) article.publisher.php, or (5) article.download.php; and (6) the PATH_INFO to article.download.php. NOTE: some of these details are obtained from third party information.

CVE-2008-7076

February 26, 2023 by

Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. Star Articles 6.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile photo, then accessing it via a direct request to the file in authorphoto/.

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE