CVE-2006-5635

Web Wiz Forums - SQL Injection

Title source: rule
STIX 2.1

Description

SQL injection vulnerability in forum/search.asp in Web Wiz Forums allows remote attackers to execute arbitrary SQL commands via the KW parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by almaster · textwebappsasp
https://www.exploit-db.com/exploits/28869

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1801
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/450034/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29898
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20778

Scores

EPSS 0.0083
EPSS Percentile 74.6%

Details

Status published
Products (13)
web_wiz_forums/web_wiz_forums 6.34
web_wiz_forums/web_wiz_forums 7.0
web_wiz_forums/web_wiz_forums 7.0.1
web_wiz_forums/web_wiz_forums 7.0_beta1
web_wiz_forums/web_wiz_forums 7.5
web_wiz_forums/web_wiz_forums 7.7a
web_wiz_forums/web_wiz_forums 7.7b
web_wiz_forums/web_wiz_forums 7.8
web_wiz_forums/web_wiz_forums 7.9
web_wiz_forums/web_wiz_forums 7.51
... and 3 more
Published Nov 01, 2006
Tracked Since Feb 18, 2026