Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

1 Total Results

Displaying 1-1 of 1

Attacker Value

Unknown

CVE-2007-3677

Disclosure Date: July 11, 2007 (last updated October 04, 2023)

Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) idsp1.pl, (2) ip.pl, and (3) einsite_director.pl. NOTE: this issue can be leveraged for path disclosure from resulting error messages.

1 Total Results

Displaying 1-1 of 1

Unknown

CVE-2007-3677

Quick Cookie Notification