CVE Vulnerabilities

CVE-2007-3631

Published: Jul 10, 2007 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the params parameter, related to missing input validation of the id field.

Affected Software

Name Vendor Start Version End Version
Gamesitescript Gamesitescript * 3.1 (including)

References