CVE-2006-3905

Опубликовано: 27 июл. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary SQL commands via the (1) post_id parameter in index.php and (2) search function.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046094.html
Exploit
http://marc.info/?l=bugtraq&m=114791192612460&w=2
http://www.h4cky0u.org/advisories/HYSA-2006-008-mybloggie.txt
Exploit
Vendor Advisory
http://www.osvdb.org/displayvuln.php?osvdb_id=26559
http://www.osvdb.org/displayvuln.php?osvdb_id=26560
http://www.securityfocus.com/archive/1/441356/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26486
http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046094.html
Exploit
http://marc.info/?l=bugtraq&m=114791192612460&w=2
http://www.h4cky0u.org/advisories/HYSA-2006-008-mybloggie.txt
Exploit
Vendor Advisory
http://www.osvdb.org/displayvuln.php?osvdb_id=26559
http://www.osvdb.org/displayvuln.php?osvdb_id=26560
http://www.securityfocus.com/archive/1/441356/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26486

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mywebland:mybloggie:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:mywebland:mybloggie:2.1.3_beta:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01229

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-ccgh-8jg7-9fjj

github

почти 4 года назад