Unrated severityNVD Advisory· Published Dec 15, 2007· Updated Apr 23, 2026

CVE-2007-6338

Description

SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information.

Affected products

Trivantis/Coursemill Enterprise Learning Management System
cpe:2.3:a:trivantis:coursemill_enterprise_learning_management_system:4.1:sp4:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstorm.linuxsecurity.com/0712-exploits/trivantis-sql.txtnvdExploit
secunia.com/advisories/28098nvd
securityreason.com/securityalert/3450nvd
www.osvdb.org/39156nvd
www.securityfocus.com/archive/1/485072/100/0/threadednvd
www.securityfocus.com/bid/26865nvd
exchange.xforce.ibmcloud.com/vulnerabilities/39031nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000