CVE-2007-5425

Severity CVSS v4.0:
Pending analysis
Type:
CWE-94 Code Injection
Publication date:
12/10/2007
Last modified:
09/04/2025

Description

SQL injection vulnerability in admin/index.php in Interspire ActiveKB 1.5 allows remote attackers to execute arbitrary SQL commands via the questId parameter in a hideQuestion ToDo action. NOTE: the catId vector is already covered by CVE-2007-5131.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:interspire:activekb:1.5:*:*:*:*:*:*:*