Intrusion Prevention

Forum.Livre.infouser.asp.Remote.SQL.Injection

Description

This indicates detection of an attempt to exploit a SQL Injection vulnerability in Forum Livre.
The vulnerability may allow a remote attacker to execute arbitrary SQL commands in the back-end database, via a specially crafted HTTP request to the "info-user.asp" script, with injected SQL statements in the "user" parameter.

Affected Products

Forum Livre version 1.0

Impact

System Compromise: Data manipulation.

Recommended Actions

Currently we are not aware of any vendor supplied patches for this issue.

CVE References

CVE-2007-0589