Vulnerabilities (CVE)

Filtered by vendor Webwizguide Subscribe
Filtered by product Web Wiz Forums
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1548 1 Webwizguide 1 Web Wiz Forums 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.