cpe:/a:inferno_technologies:rpg_inferno:2.4 CVE-2007-3687 2007-07-11T13:30:00.000-04:00 2017-09-28T21:29:05.437-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-07-13T16:52:00.000-04:00 ALLOWS_OTHER_ACCESS BID 24839 SECUNIA 25986 OSVDB 35965 EXPLOIT-DB 4166 XF rpginferno-inferno-sql-injection(35319) SQL injection vulnerability in inferno.php in the Inferno Technologies RPG Inferno 2.4 and earlier, a vBulletin module, allows remote authenticated attackers to execute arbitrary SQL commands via the id parameter in a ScanMember do action.