SQL Injection Vulnerability in wpQuiz Product by WordPress
CVE-2007-6172

Currently unrated

Key Information:

Vendor: WordPress
Status: WPquiz
Vendor: CVE Published:; 30 November 2007

What is CVE-2007-6172?

The wpQuiz version 2.7 is susceptible to multiple SQL injection vulnerabilities, which could allow remote attackers to manipulate the database by executing arbitrary SQL commands. These vulnerabilities can be exploited through the 'id' parameter in 'viewimage.php' and 'comments.php', potentially leading to unauthorized data access and system compromise.

References

http://secunia.com/advisories/27843

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/38680

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/26611

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 30, 2007
Vulnerability Reserved
Nov 29, 2007