CVE-2007-6575

Description

SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action.

Affected products

• brand039 / mmslamp1.0 – 1.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/39220
• MISChttp://osvdb.org/39761
• MISChttp://www.securityfocus.com/bid/26995
• EXPLOIThttps://www.exploit-db.com/exploits/4776