Unrated severityNVD Advisory· Published Jul 11, 2007· Updated Jun 16, 2026
CVE-2007-3705
CVE-2007-3705
Description
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm.
Affected products
5cpe:2.3:a:fusetalk:fusetalk:2.0:-:basic:*:*:*:*:*+ 4 more
- cpe:2.3:a:fusetalk:fusetalk:2.0:-:basic:*:*:*:*:*
- cpe:2.3:a:fusetalk:fusetalk:2.0:-:coldfusion:*:*:*:*:*
- cpe:2.3:a:fusetalk:fusetalk:2.0:-:enterprise:*:*:*:*:*
- cpe:2.3:a:fusetalk:fusetalk:2.0:-:standard:*:*:*:*:*
- (no CPE)range: = 2.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.