CVE-2007-2994
Published: 2007-06-04
Priority: P3 · Severity: high · CVSS 2.0 base score: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 1.16% (63.3rd percentile)
SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a fullnews action, a different vector than CVE-2007-0693.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dian_gemilang | dgnews | — | — |
Suricata rule: ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid ASCII (created 2010-07-30, severity HIGH, CVSS 7.5)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid ASCII"; flow:established,to_server; http.uri; content:"/news.php?"; nocase; content:"newsid="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-2994; reference:url,www.securityfocus.com/bid/24212; classtype:web-application-attack; sid:2004460; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mi
Suricata rule: ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid INSERT (created 2010-07-30, severity HIGH, CVSS 7.5)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid INSERT"; flow:established,to_server; http.uri; content:"/news.php?"; nocase; content:"newsid="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-2994; reference:url,www.securityfocus.com/bid/24212; classtype:web-application-attack; sid:2004458; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mi
Suricata rule: ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid UNION SELECT (created 2010-07-30, severity HIGH, CVSS 7.5)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid UNION SELECT"; flow:established,to_server; http.uri; content:"/news.php?"; nocase; content:"newsid="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-2994; reference:url,www.securityfocus.com/bid/24212; classtype:web-application-attack; sid:2004457; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique
Suricata rule: ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid UPDATE (created 2010-07-30, severity HIGH, CVSS 7.5)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid UPDATE"; flow:established,to_server; http.uri; content:"/news.php?"; nocase; content:"newsid="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-2994; reference:url,www.securityfocus.com/bid/24212; classtype:web-application-attack; sid:2004461; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_03, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mit
Suricata rule: ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid SELECT (created 2010-07-30, severity HIGH, CVSS 7.5)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid SELECT"; flow:established,to_server; http.uri; content:"/news.php?"; nocase; content:"newsid="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-2994; reference:url,www.securityfocus.com/bid/24212; classtype:web-application-attack; sid:2004456; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mi
Suricata rule: ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid DELETE (created 2010-07-30, severity HIGH, CVSS 7.5)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DGNews SQL Injection Attempt -- news.php newsid DELETE"; flow:established,to_server; http.uri; content:"/news.php?"; nocase; content:"newsid="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-2994; reference:url,www.securityfocus.com/bid/24212; classtype:web-application-attack; sid:2004459; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mi
No public exploits indexed.
References:
http://secunia.com/advisories/25438
http://securityreason.com/securityalert/2762
http://www.securityfocus.com/archive/1/469881/100/0/threaded
http://www.securityfocus.com/bid/24212