Unrated severityNVD Advisory· Published Feb 16, 2007· Updated Apr 23, 2026

CVE-2007-0970

Description

Multiple SQL injection vulnerabilities in WebTester 5.0.20060927 and earlier allow remote attackers to execute arbitrary SQL commands via the testID parameter to directions.php, and unspecified parameters to other files that accept GET or POST input.

Affected products

Webtester/Webtester
cpe:2.3:a:webtester:webtester:*:*:*:*:*:*:*:*
Range: <=5.0_2006-09-27

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/22559nvdExploit
osvdb.org/33203nvd
osvdb.org/33204nvd
secunia.com/advisories/24157nvd
securityreason.com/securityalert/2261nvd
www.securityfocus.com/archive/1/460078/100/0/threadednvd
www.vupen.com/english/advisories/2007/0633nvd
exchange.xforce.ibmcloud.com/vulnerabilities/32490nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000