cpe:/a:webmastersite:wsn_guest:1.23 CVE-2009-0704 2009-02-23T10:30:04.217-05:00 2017-09-28T21:33:58.637-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-02-24T09:55:00.000-05:00 BID 33097 EXPLOIT-DB 7659 XF wsnguest-search-sql-injection(47723) SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action.