CVE-2007-2004

Inoutmailinglistmanager < 3.1 - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to changename.php and other unspecified vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by BlackHawk · phpwebappsphp

https://www.exploit-db.com/exploits/3702

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3702

[Third Party Advisory] http://secunia.com/advisories/24842

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/1345

Scores

EPSS 0.0068

EPSS Percentile 71.6%

Details

Status published

Products (1)

inoutmailinglistmanager/inoutmailinglistmanager < 3.1

Published Apr 12, 2007

Tracked Since Feb 18, 2026