Unrated severityNVD Advisory· Published Jun 1, 2007· Updated Apr 23, 2026
CVE-2007-2971
CVE-2007-2971
Description
SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
Affected products
5cpe:2.3:a:greg_neustaetter:gcards:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:greg_neustaetter:gcards:*:*:*:*:*:*:*:*range: <=1.46
- cpe:2.3:a:greg_neustaetter:gcards:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:greg_neustaetter:gcards:1.43:*:*:*:*:*:*:*
- cpe:2.3:a:greg_neustaetter:gcards:1.44:*:*:*:*:*:*:*
- cpe:2.3:a:greg_neustaetter:gcards:1.45:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- secunia.com/advisories/25452nvdExploitVendor Advisory
- www.securityfocus.com/bid/24175nvdExploit
- marc.infonvd
- marc.infonvd
- osvdb.org/36317nvd
- www.vupen.com/english/advisories/2007/1961nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34529nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41927nvd
- www.exploit-db.com/exploits/3988nvd
News mentions
0No linked articles in our index yet.