CVE-2007-1163
Published 2007-03-02
CVE-2007-1163: SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter…
Priority P339 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS 1.02% (59.2th percentile)
SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webspell | webspell | <= 4.01.02 | — |
| webspell | webspell | — | — |
| webspell | webspell | — | — |
| webspell | webspell | — | — |
Suricata
ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic DELETE
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic DELETE"; flow:established,to_server; http.uri; content:"/printview.php?"; nocase; content:"topic="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-1163; reference:url,www.milw0rm.com/exploits/3351; classtype:web-application-attack; sid:2004751; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techniqu
Suricata
ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic UPDATE
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic UPDATE"; flow:established,to_server; http.uri; content:"/printview.php?"; nocase; content:"topic="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-1163; reference:url,www.milw0rm.com/exploits/3351; classtype:web-application-attack; sid:2004753; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique
Suricata
ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic ASCII
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic ASCII"; flow:established,to_server; http.uri; content:"/printview.php?"; nocase; content:"topic="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-1163; reference:url,www.milw0rm.com/exploits/3351; classtype:web-application-attack; sid:2004752; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techniqu
Suricata
ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic UNION SELECT
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic UNION SELECT"; flow:established,to_server; http.uri; content:"/printview.php?"; nocase; content:"topic="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-1163; reference:url,www.milw0rm.com/exploits/3351; classtype:web-application-attack; sid:2004749; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, m
Suricata
ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic SELECT
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic SELECT"; flow:established,to_server; http.uri; content:"/printview.php?"; nocase; content:"topic="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-1163; reference:url,www.milw0rm.com/exploits/3351; classtype:web-application-attack; sid:2004748; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techniqu
Suricata
ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic INSERT
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS webSPELL SQL Injection Attempt -- printview.php topic INSERT"; flow:established,to_server; http.uri; content:"/printview.php?"; nocase; content:"topic="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-1163; reference:url,www.milw0rm.com/exploits/3351; classtype:web-application-attack; sid:2004750; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techniqu
No writeups or analysis indexed.
http://osvdb.org/33231
http://secunia.com/advisories/24257
http://www.securityfocus.com/bid/22659
http://www.vupen.com/english/advisories/2007/0714
https://www.exploit-db.com/exploits/3351