CVE-2007-0598

Aztek Forum - SQL Injection

Title source: rule

Description

SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote attackers to execute arbitrary SQL commands via the fid cookie to forum.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DarkFig · phpwebappsphp

https://www.exploit-db.com/exploits/3196

View Code ZIP pw:eip

References (4)

[Exploit] http://acid-root.new.fr/poc/21070125.txt

[Third Party Advisory, VDB Entry] http://osvdb.org/33595

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/458076/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/458123/100/0/threaded

Scores

EPSS 0.0047

EPSS Percentile 64.9%

Details

Status published

Products (1)

aztek_forum/aztek_forum 4.0

Published Jan 30, 2007

Tracked Since Feb 18, 2026