cbcvebase.
CVE-2007-1122
published 2007-02-27

Priority P338 | medium | 6.4 | CVSS 2.0
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS: 14.77% (96.3th percentile)
Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 and 1.01 allow remote attackers to execute arbitrary SQL commands via the id parameter to the (1) updateRow and (2) deleteRow functions in functions.php, a variant of a SQL injection issue that was fixed in 1.01. NOTE: some of these details are obtained from third party information.

Affected

2 ranges
Vendor | Product | Version range | Fixed in
zephyrsoft_toolbox | address_book_continued | |
zephyrsoft_toolbox | address_book_continued | |