Unrated severityNVD Advisory· Published Jan 26, 2007· Updated Jun 16, 2026
CVE-2007-0527
CVE-2007-0527
Description
SQL injection vulnerability in the is_remembered function in class.login.php in Website Baker 2.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the REMEMBER_KEY cookie parameter. NOTE: some of these details are obtained from third party information.
Affected products
2cpe:2.3:a:website_baker:website_baker:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:website_baker:website_baker:*:*:*:*:*:*:*:*range: <=2.6.5
- (no CPE)range: <=2.6.1
Patches
Vulnerability mechanics
References
7- securityreason.com/securityalert/2185nvdExploit
- secunia.com/advisories/23828nvdVendor Advisory
- www.vupen.com/english/advisories/2007/0311nvdVendor Advisory
- osvdb.org/32945nvd
- www.securityfocus.com/archive/1/457684/100/0/threadednvd
- www.securityfocus.com/bid/22176nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/31692nvd
News mentions
0No linked articles in our index yet.