Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote malicious users to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wizz forum wizz forum 1.20 |