cpe:/a:websihirbazi:websihirbazi:5.1.1 CVE-2007-6556 2007-12-27T19:46:00.000-05:00 2017-09-28T21:29:59.847-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-28T10:27:00.000-05:00 ALLOWS_USER_ACCESS BID 27031 SECUNIA 28206 OSVDB 39640 EXPLOIT-DB 4777 XF websihirbazi-default-sql-injection(39216) Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp.