Search criteria
2 vulnerabilities found for aeries_browser_interface by aeries
CVE-2007-6517 (GCVE-0-2007-6517)
Vulnerability from nvd – Published: 2007-12-24 20:00 – Updated: 2024-08-07 16:11
VLAI
Summary
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/485393/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/4302 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/28193 | third-party-advisoryx_refsource_SECUNIA |
| http://aria-security.net/forum/showthread.php?p=1174 | x_refsource_MISC |
| http://www.osvdb.org/39383 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/26962 | vdb-entryx_refsource_BID |
Date Public
2007-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:05.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20071220 [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485393/100/0/threaded"
},
{
"name": "ADV-2007-4302",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4302"
},
{
"name": "28193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28193"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aria-security.net/forum/showthread.php?p=1174"
},
{
"name": "39383",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/39383"
},
{
"name": "aeries-lostpwd-sql-injection(39176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39176"
},
{
"name": "26962",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26962"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20071220 [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485393/100/0/threaded"
},
{
"name": "ADV-2007-4302",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4302"
},
{
"name": "28193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28193"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aria-security.net/forum/showthread.php?p=1174"
},
{
"name": "39383",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/39383"
},
{
"name": "aeries-lostpwd-sql-injection(39176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39176"
},
{
"name": "26962",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26962"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071220 [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485393/100/0/threaded"
},
{
"name": "ADV-2007-4302",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4302"
},
{
"name": "28193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28193"
},
{
"name": "http://aria-security.net/forum/showthread.php?p=1174",
"refsource": "MISC",
"url": "http://aria-security.net/forum/showthread.php?p=1174"
},
{
"name": "39383",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/39383"
},
{
"name": "aeries-lostpwd-sql-injection(39176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39176"
},
{
"name": "26962",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26962"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6517",
"datePublished": "2007-12-24T20:00:00.000Z",
"dateReserved": "2007-12-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:05.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6517 (GCVE-0-2007-6517)
Vulnerability from cvelistv5 – Published: 2007-12-24 20:00 – Updated: 2024-08-07 16:11
VLAI
Summary
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/485393/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/4302 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/28193 | third-party-advisoryx_refsource_SECUNIA |
| http://aria-security.net/forum/showthread.php?p=1174 | x_refsource_MISC |
| http://www.osvdb.org/39383 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/26962 | vdb-entryx_refsource_BID |
Date Public
2007-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:05.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20071220 [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485393/100/0/threaded"
},
{
"name": "ADV-2007-4302",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4302"
},
{
"name": "28193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28193"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aria-security.net/forum/showthread.php?p=1174"
},
{
"name": "39383",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/39383"
},
{
"name": "aeries-lostpwd-sql-injection(39176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39176"
},
{
"name": "26962",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26962"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20071220 [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485393/100/0/threaded"
},
{
"name": "ADV-2007-4302",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4302"
},
{
"name": "28193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28193"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aria-security.net/forum/showthread.php?p=1174"
},
{
"name": "39383",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/39383"
},
{
"name": "aeries-lostpwd-sql-injection(39176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39176"
},
{
"name": "26962",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26962"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071220 [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485393/100/0/threaded"
},
{
"name": "ADV-2007-4302",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4302"
},
{
"name": "28193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28193"
},
{
"name": "http://aria-security.net/forum/showthread.php?p=1174",
"refsource": "MISC",
"url": "http://aria-security.net/forum/showthread.php?p=1174"
},
{
"name": "39383",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/39383"
},
{
"name": "aeries-lostpwd-sql-injection(39176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39176"
},
{
"name": "26962",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26962"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6517",
"datePublished": "2007-12-24T20:00:00.000Z",
"dateReserved": "2007-12-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:05.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}