VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 20, 2007· Updated Apr 23, 2026

CVE-2007-1548

CVE-2007-1548

Description

SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.

Affected products

52
  • Webwiz/Web Wiz Forums52 versions
    cpe:2.3:a:webwizguide:web_wiz_forums:*:*:*:*:*:*:*:*+ 51 more
    • cpe:2.3:a:webwizguide:web_wiz_forums:*:*:*:*:*:*:*:*range: <=8.05
    • cpe:2.3:a:webwizguide:web_wiz_forums:5.21:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:5.22:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6:beta_1:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6:beta_2:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6:beta_3:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6:beta_4:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8:beta_1:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8:beta_2:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8:rc1:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8:rc1.1:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8.01:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8.02:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8.03:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:8.04:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6:beta_5:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6:beta_6:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.20:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.21:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.22:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.23:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.24:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.25:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.26:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.27:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.28:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.29:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.30:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.32:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.33:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:6.34:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7:beta_4:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7:rc1:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.01:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.5:beta_1:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.7a:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.8:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.9:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.51:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.51a:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.92:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.95:*:*:*:*:*:*:*
    • cpe:2.3:a:webwizguide:web_wiz_forums:7.96:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.