Vulnerabilities

CVE-2008-6438

by Fred · 06/03/2009

SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.

Date published : 2009-03-06

http://www.securityfocus.com/bid/29344

http://www.securityfocus.com/archive/1/492506/100/0/threaded

Similar

Tags: Cybersecurity Alert