Unrated severityNVD Advisory· Published Oct 25, 2007· Updated Apr 23, 2026

CVE-2007-5679

Description

SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.

Affected products

Deeemm/Dmcms2 versions
cpe:2.3:a:deeemm:dmcms:0.7.0:beta:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:deeemm:dmcms:0.7.0:beta:*:*:*:*:*:*
- cpe:2.3:a:deeemm:dmcms:0.7.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2007-10/0315.htmlnvdExploit
www.securityfocus.com/bid/26169/infonvdExploit
www.vupen.com/english/advisories/2008/2411nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/37337nvd
exchange.xforce.ibmcloud.com/vulnerabilities/44506nvd
www.exploit-db.com/exploits/6250nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000