Описание
Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.
Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4049
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23430
- http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html
- http://secunia.com/advisories/17893
- http://securityreason.com/securityalert/230
- http://securitytracker.com/id?1015310
- http://www.osvdb.org/21453
- http://www.osvdb.org/21454
- http://www.securityfocus.com/archive/1/418640/100/0/threaded
- http://www.securityfocus.com/bid/15719
- http://www.vupen.com/english/advisories/2005/2767
EPSS
Процентиль: 82%
0.01658
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.
EPSS
Процентиль: 82%
0.01658
Низкий