CVE-2007-3301

CVSS 7.5 - HIGH
Description

SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap CVE-2007-3273.

Affected Products
4
Vendor Product Version
fusetalk fusetalk 2.0
fusetalk fusetalk 2.0
fusetalk fusetalk 2.0
fusetalk fusetalk 2.0
References
http://osvdb.org/38475
http://secunia.com/advisories/25707
http://www.securityfocus.com/archive/1/471726/100/...
http://www.securityfocus.com/bid/24528
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://osvdb.org/38475
http://secunia.com/advisories/25707
http://www.securityfocus.com/archive/1/471726/100/...
http://www.securityfocus.com/bid/24528
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
Weakness Types
CWE-89
CVE Information
CVE ID:
CVE-2007-3301
Published:
2007-06-20
Modified:
2026-04-23
CVSS Score:
7.5
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Vendors
fusetalk
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL