CVE-2007-6172

wpQuiz <2.7 - SQL Injection

Title source: llm

Description

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kacper · textwebappsphp
https://www.exploit-db.com/exploits/4668

References (5)

Scores

EPSS 0.0057
EPSS Percentile 68.2%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

wire_plastic_design/wpquiz

Timeline

Published Nov 30, 2007
Tracked Since Feb 18, 2026