Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) monthy parameter to index.php or (2) login parameter to admin/index.php. NOTE: some sources have reported item 1 as involving the "monthly" parameter, but this is incorrect.
References
Configurations
History
No history.
Information
Published : 2006-01-25 02:03
Updated : 2024-02-28 10:42
NVD link : CVE-2006-0403
Mitre link : CVE-2006-0403
CVE.ORG link : CVE-2006-0403
JSON object : View
Products Affected
e-moblog
- e-moblog
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')