CVE-2006-5635
published 2006-11-01CVE-2006-5635: SQL injection vulnerability in forum/search.asp in Web Wiz Forums allows remote attackers to execute arbitrary SQL commands via the KW parameter.
PriorityP339high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.05%
60.1th percentile
SQL injection vulnerability in forum/search.asp in Web Wiz Forums allows remote attackers to execute arbitrary SQL commands via the KW parameter.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
| web_wiz_forums | web_wiz_forums | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Web Wiz Forums 8.04 KW sql injection (EDB-28869 / XFDB-29898)
vuldb·2026-04-26·CVSS 7.5
CVE-2006-5635 [HIGH] Web Wiz Forums 8.04 KW sql injection (EDB-28869 / XFDB-29898)
A vulnerability, which was classified as critical, was found in Web Wiz Forums 8.04. Affected by this issue is some unknown functionality. Such manipulation of the argument KW leads to sql injection.
This vulnerability is documented as CVE-2006-5635. The attack can be executed remotely. Additionally, an exploit exists.
GHSA
GHSA-gj53-mxcf-p8x7: SQL injection vulnerability in forum/search
ghsa_unreviewed·2022-05-01
CVE-2006-5635 [HIGH] GHSA-gj53-mxcf-p8x7: SQL injection vulnerability in forum/search
SQL injection vulnerability in forum/search.asp in Web Wiz Forums allows remote attackers to execute arbitrary SQL commands via the KW parameter.
No detection rules found.
No writeups or analysis indexed.
http://securityreason.com/securityalert/1801http://www.securityfocus.com/archive/1/450034/100/0/threadedhttp://www.securityfocus.com/bid/20778https://exchange.xforce.ibmcloud.com/vulnerabilities/29898http://securityreason.com/securityalert/1801http://www.securityfocus.com/archive/1/450034/100/0/threadedhttp://www.securityfocus.com/bid/20778https://exchange.xforce.ibmcloud.com/vulnerabilities/29898
2006-11-01
Published