CVE-2007-3812 | HackTesting

SQL injection vulnerability in forums.php in CMScout 1.23 and earlier allows remote attackers to execute arbitrary SQL commands via the f parameter in a forums action to index.php.

References

http://www.securityfocus.com/bid/24906

http://osvdb.org/36242

http://secunia.com/advisories/26026

http://packetstorm.linuxsecurity.com/0707-exploits/cmscout.txt

https://exchange.xforce.ibmcloud.com/vulnerabilities/35393

http://www.exploit-db.com/exploits/4182