CVE-2007-1548

NONECVSS 0.0

0.0

SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.

🔗 References (18)

cve@mitrehttp://ifsec.blogspot.com/2007/03/web-wiz-forums-805-mysql-version-sql.html
cve@mitrehttp://osvdb.org/34344
cve@mitrehttp://secunia.com/advisories/24561
cve@mitrehttp://securityreason.com/securityalert/2456
cve@mitrehttp://www.securityfocus.com/archive/1/463287/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/23051
cve@mitrehttp://www.vupen.com/english/advisories/2007/1061
cve@mitrehttp://www.webwizguide.info/web_wiz_forums/Version%20History.txt
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/33095
af854a3a-2127-422b-91ae-364da2661108http://ifsec.blogspot.com/2007/03/web-wiz-forums-805-mysql-version-sql.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/34344
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24561
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2456
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/463287/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23051

Is Your Infrastructure Affected by CVE-2007-1548?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1548

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1548?