Unrated severityNVD Advisory· Published Dec 24, 2011· Updated Apr 29, 2026

CVE-2011-3838

Description

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to fp.php, (2) epage parameter to newpage.php, (3) epost parameter to newpost.php, and (4) username parameter to login.php in admin/; or the (5) username parameter to mobile/login.php.

Affected products

Wuzly/Wuzly
cpe:2.3:a:wuzly:wuzly:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/secunia_research/2011-88/nvdVendor Advisory
osvdb.org/77915nvd
osvdb.org/77916nvd
osvdb.org/77917nvd
osvdb.org/77918nvd
osvdb.org/77919nvd
secunia.com/advisories/46163nvd
exchange.xforce.ibmcloud.com/vulnerabilities/71904nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000