Unrated severityNVD Advisory· Published Nov 18, 2005· Updated Apr 16, 2026

CVE-2005-3682

Description

Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.

Affected products

Wizz Forum/Wizz Forum
cpe:2.3:a:wizz_forum:wizz_forum:1.20:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17548/nvdVendor Advisory
marc.infonvd
securityreason.com/securityalert/181nvd
www.osvdb.org/20845nvd
www.osvdb.org/20846nvd
www.osvdb.org/20847nvd
www.securityfocus.com/bid/15410/referencesnvd
www.vupen.com/english/advisories/2005/2421nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23170nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23171nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000