CVE-2007-0340
Published: 2007-01-18
Priority: P3 · 37 · Severity: high · CVSS 2.0 base score: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Flags: EXPLOIT
EPSS: 1.03% (percentile 59.3)
SQL injection vulnerability in inc/header.inc.php in ThWboard 3.0b2.84-php5 and earlier allows remote attackers to execute arbitrary SQL commands via the board[styleid] parameter to index.php.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| thwboard | thwboard | <= 3.0_beta_2.84 | — |
Suricata
CVE-2007-0340 [HIGH] ET WEB_SPECIFIC_APPS ThWboard SQL Injection Attempt -- index.php board DELETE
suricata · 2010-07-30 · CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS ThWboard SQL Injection Attempt -- index.php board DELETE"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"board["; fast_pattern; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0340; reference:url,www.milw0rm.com/exploits/3124; classtype:web-application-attack; sid:2005570; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_04_21, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techni
Bugzilla
CVE-2005-2090 [MEDIUM] CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835 CVE-2005-3510 CVE-2005-4838)
bugzilla · 2007-04-30 · CVSS 4.3
A number of flaws affect the version of Tomcat5 shipped with RHAPS-EL3 (last updated in RHSA-2006:0592 to 5.0.28). Please see linked bugs for details.
Discussion:
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2007-0340.html
Bugzilla
CVE-2006-7196 [MEDIUM] CVE-2006-7196 tomcat XSS in example webapps
bugzilla · 2007-04-27 · CVSS 4.3
According to http://tomcat.apache.org/security-5.html
Fixed in Apache Tomcat 5.5.16
Cross-site scripting CVE-2006-7196
The calendar application included as part of the JSP examples is susceptible to a cross-site scripting attack as it does not escape user provided data before including it in the returned page.
Affects: 5.0.0-5.0.30, 5.5.0-5.5.15
Advisory text: "The calendar application in the JSP examples did not escape displayed values. If the JSP examples are accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7196)"
Discussion:
This was addressed via:
Red Hat Application Server v2 4AS (RHSA-2007:0326)
Red Hat Application Server 3AS (RHSA-2007:0340)
Red Hat Network Satellite Server 5.0