CVE-2007-0676

ExoPHPDesk <1.2.1 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in faq.php in ExoPHPDesk 1.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ajann · textwebappsphp

https://www.exploit-db.com/exploits/3234

View Code ZIP pw:eip

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/36027

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/0452

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/3234

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/31998

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/22338

Scores

EPSS 0.0096

EPSS Percentile 76.6%

Details

Status published

Products (2)

exo/exophpdesk 1.2

exo/exophpdesk 1.2.1

Published Feb 03, 2007

Tracked Since Feb 18, 2026