CVE-2007-6467
MKPortal 1.1 RC1 - SQL Injection via ida Parameter in Gallery foto_show Action
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-6467. PoCs published by Sw33t h4cK3r.
AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in MKPortal M1.1 RC1, where the 'ida' parameter in the 'foto_show' operation is not properly sanitized. This allows attackers to inject malicious SQL queries, potentially compromising the application or underlying database.
Description
SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote attackers to execute arbitrary SQL commands via the ida parameter in a gallery foto_show action.
Exploits (1)
The provided text describes an SQL injection vulnerability in MKPortal M1.1 RC1, where the 'ida' parameter in the 'foto_show' operation is not properly sanitized. This allows attackers to inject malicious SQL queries, potentially compromising the application or underlying database.