CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-6172

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1270%
EPSS Percentile18.71th
Published2007年11月30日
Last Modified2026年4月23日

Vulnerability Description

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.

Affected Platforms (CPE)

📦
Wire Plastic Design

Wpquiz

= 2.7

References & Advisories

🔗 http://secunia.com/advisories/27843
🔗 http://www.securityfocus.com/bid/26611
🔗 http://www.securityfocus.com/bid/26621
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/38680
🔗 https://www.exploit-db.com/exploits/4668
🔗 http://secunia.com/advisories/27843
🔗 http://www.securityfocus.com/bid/26611
🔗 http://www.securityfocus.com/bid/26621

関連する脆弱性情報

CVE-2004-17047.5

WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras dir...

CVE-2010-36087.5

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (...

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...