cpe:/a:deeemm:dmcms:0.7.0:beta cpe:/a:deeemm:dmcms:0.7.4 CVE-2007-5679 2007-10-24T20:46:00.000-04:00 2017-09-28T21:29:40.597-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-10-25T11:50:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20071021 [Aria-Security.Net] dmcms.0.7.0 SQL Injection BID 26169 EXPLOIT-DB 6250 VUPEN ADV-2008-2411 XF dmcms-index-sql-injection(37337) XF dmcms-page-id-sql-injection(44506) SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.