Vulnerabilities

CVE-2008-2670

by Fred · 11/06/2008

Multiple SQL injection vulnerabilities in index.php in Insanely Simple Blog 0.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter, or (2) the term parameter in a search action. NOTE: the current_subsection parameter is already covered by CVE-2007-3889.

Date published : 2008-06-11

http://www.securityfocus.com/bid/29630

http://www.securityfocus.com/archive/1/493224/100/0/threaded

Similar

Tags: Cybersecurity Alert