Unrated severityNVD Advisory· Published Mar 20, 2007· Updated Apr 23, 2026

CVE-2007-1550

Description

Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the (1) image_id or (2) cat_id parameter to (a) gallery.php; the (3) news_id parameter to (b) news.php or (c) print.php; (4) the news_cat_id parameter to news.php; the (5) cat_id, (6) topic_id, or (7) post_id parameter to (d) forums.php; or (8) the user_id parameter to (e) users.php.

Affected products

Phpx/Phpx
cpe:2.3:a:phpx:phpx:*:*:*:*:*:*:*:*
Range: <=3.5.15

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/34414nvd
osvdb.org/34415nvd
osvdb.org/34416nvd
osvdb.org/34417nvd
osvdb.org/34418nvd
secunia.com/advisories/24565nvd
securityreason.com/securityalert/2457nvd
www.securityfocus.com/archive/1/463192/100/0/threadednvd
www.securityfocus.com/bid/23033nvd
www.vupen.com/english/advisories/2007/1087nvd
exchange.xforce.ibmcloud.com/vulnerabilities/33155nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000