CVE-2007-0226
CVE-2007-0226 describes an SQL injection vulnerability in wbsearch.aspx for uniForum 4 and earlier, where the TXbyuser parameter (by User) can lead to arbitrary SQL execution by remote attackers. The issue arises from improper handling of user-supplied input in the SQL query, enabling confidentia...