CVE-2007-6498

Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) email and (2) loginname parameters to Hosting/Addreseller.asp, (3) the sortfield parameter to accounts/accountmanager.asp, (4) the GateWayID parameter to OpenApi/GatewayVariables.asp, and possibly (5) unspecified vectors to IIS/iibind.asp.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://securityreason.com/securityalert/3474
http://securitytracker.com/id?1019222
http://www.securityfocus.com/archive/1/485028/100/0/threaded
http://www.securityfocus.com/bid/26862
https://exchange.xforce.ibmcloud.com/vulnerabilities/39036
https://www.exploit-db.com/exploits/4730

Configurations

Configuration 1 (hide)

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_3.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-12-20 20:46

Updated : 2024-02-28 11:01

NVD link : CVE-2007-6498

Mitre link : CVE-2007-6498

CVE.ORG link : CVE-2007-6498

JSON object : View

Products Affected

hosting_controller

hosting_controller

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2007-6498", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-12-20T20:46:00.000", "references": [{"url": "http://securityreason.com/securityalert/3474", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1019222", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/485028/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26862", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39036", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/4730", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) email and (2) loginname parameters to Hosting/Addreseller.asp, (3) the sortfield parameter to accounts/accountmanager.asp, (4) the GateWayID parameter to OpenApi/GatewayVariables.asp, and possibly (5) unspecified vectors to IIS/iibind.asp."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Hosting Controller 6.1 Hot fix 3.3 y anteriores permite a usuarios remotos validados ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de los par\u00e1metros (1) email y (2) loginname en Hosting/Addreseller.asp, (3) el par\u00e1metro sortfield en accounts/accountmanager.asp, (4) el par\u00e1metro GateWayID en OpenApi/GatewayVariables.asp, y posiblemente (5) vectores no especificados en IIS/iibind.asp."}], "lastModified": "2018-10-15T21:54:40.867", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0D49DC9-27D0-4FDB-A273-FA161B0BC815"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}