CVE-2007-3684 – Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Ba

Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3684

Reference (s):

• BID:24840
• URL: http://www.securityfocus.com/bid/24840
• http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml
• OSVDB:35933
• URL: http://www.osvdb.org/35933