Unrated severityNVD Advisory· Published Oct 29, 2007· Updated Apr 23, 2026

CVE-2007-5688

Description

Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.

Affected products

Invision Power Services/Invision Power Board
cpe:2.3:a:invision_power_services:invision_power_board:*:*:*:*:*:*:*:*
PhpBB/phpBB
cpe:2.3:a:phpbb:phpbb:*:*:*:*:*:*:*:*
Sebflipper/Multi Forums Module
cpe:2.3:a:sebflipper:multi-forums_module:1.3.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.inj3ct-it.org/exploit/Multi_Host.txtnvdExploit
www.securityfocus.com/bid/26213nvdExploit
secunia.com/advisories/27406nvdVendor Advisory
www.securityfocus.com/archive/1/482838/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/37461nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000