VULHUB ™

It has been reported that Web Wiz Forum is affected by multiple vulnerabilities. These issues are due to failure to properly sanitize user-supplied input facilitating SQL injection attacks, and design errors that allow unauthorized access to certain web forum functionality. As a result of the SQL injection issue an attacker could modify the logic and structure of database queries. Other attacks may also be possible, such as gaining access to sensitive information. A design error allows any user to access the topic modification and IP address blocking scripts, permitting unauthorized users to change forum topics and block arbitrary IP addresses.

It has been reported that Web Wiz Forum is affected by multiple vulnerabilities. These issues are due to failure to properly sanitize user-supplied input facilitating SQL injection attacks, and design errors that allow unauthorized access to certain web forum functionality. As a result of the SQL injection issue an attacker could modify the logic and structure of database queries. Other attacks may also be possible, such as gaining access to sensitive information. A design error allows any user to access the topic modification and IP address blocking scripts, permitting unauthorized users to change forum topics and block arbitrary IP addresses.