CVE-2007-1630

ActiveWebSoftwares Active Link Engine - SQL Injection via catid Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1630. PoCs published by CyberGhost.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Active Link Engine. It provides URLs to extract admin credentials via a UNION-based SQLi attack.

Description

SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote attackers to execute arbitrary SQL commands via the catid parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by CyberGhost · textwebappsasp
https://www.exploit-db.com/exploits/3534

This is a writeup describing a SQL injection vulnerability in Active Link Engine. It provides URLs to extract admin credentials via a UNION-based SQLi attack.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Active Link Engine
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33111
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/34364
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3534
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1071
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23080
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24574

Scores

EPSS 0.0120
EPSS Percentile 64.0%

Details

Status published
Products (1)
active_web_softwares/active_link_engine
Published Mar 23, 2007
Tracked Since Feb 18, 2026