CVE-2007-6556

Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp.

Date published : 2007-12-27

http://www.securityfocus.com/bid/27031

https://www.exploit-db.com/exploits/4777