CyberSec.Space Logo
Back to CVE Browser

CVE-2007-6172

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1270%
EPSS Percentile18.71th
PublishedNov 30, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.

Affected Platforms (CPE)

πŸ“¦
Wire Plastic Design

Wpquiz

= 2.7

References & Advisories

πŸ”— http://secunia.com/advisories/27843
πŸ”— http://www.securityfocus.com/bid/26611
πŸ”— http://www.securityfocus.com/bid/26621
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/38680
πŸ”— https://www.exploit-db.com/exploits/4668
πŸ”— http://secunia.com/advisories/27843
πŸ”— http://www.securityfocus.com/bid/26611
πŸ”— http://www.securityfocus.com/bid/26621

Related Vulnerabilities

CVE-2004-17047.5

WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras dir...

CVE-2010-36087.5

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...