CVE-2007-4437 - CVE Reference - Advisories

CVE Reference: CVE-2007-4437

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4437

Description: SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execute arbitrary SQL commands via the match parameter. NOTE: some details are obtained from third party information.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36121 SAID Secunia Advisory: SA26542 Secunia Advisory: SA27253 GENTOO http://security.gentoo.org/glsa/glsa-200710-13.xml CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=189607 http://www.ampache.org/announce/3_3_3_5.php BID 25362

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	dotProject SQL Injection and Cross-Site Scripting

2.	HP TCP/IP Services for OpenVMS Finger Format String Vulnerability

3.	Novell eDirectory Multiple Vulnerabilities

4.	Sun Solaris Kernel Covert Channel Security Bypass

5.	IBM WebSphere Application Server for z/OS HTTP Server mod_proxy_ftp Vulnerability

6.	Red Hat update for libtiff

7.	Adium MSN SLP Message Integer Overflow Vulnerabilities

8.	Novell Forum TCL Command Injection Vulnerability

9.	GpsDrive "geo-code" Insecure Temporary Files

10.	Caudium "configvar" Insecure Temporary Files