CVE-2006-4042

Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) title, (2) url, (3) excerpt, or (4) blog_name parameters.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mywebland:mybloggie:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:15

Type Values Removed Values Added
References () http://retrogod.altervista.org/mybloggie_214_sql.html - () http://retrogod.altervista.org/mybloggie_214_sql.html -
References () http://secunia.com/advisories/21376 - Vendor Advisory () http://secunia.com/advisories/21376 - Vendor Advisory
References () http://securityreason.com/securityalert/1347 - () http://securityreason.com/securityalert/1347 -
References () http://www.securityfocus.com/archive/1/442323/100/0/threaded - () http://www.securityfocus.com/archive/1/442323/100/0/threaded -
References () http://www.securityfocus.com/bid/19362 - () http://www.securityfocus.com/bid/19362 -
References () http://www.vupen.com/english/advisories/2006/3179 - Vendor Advisory () http://www.vupen.com/english/advisories/2006/3179 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/28241 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/28241 -
References () https://www.exploit-db.com/exploits/2118 - () https://www.exploit-db.com/exploits/2118 -

Information

Published : 2006-08-09 23:04

Updated : 2024-11-21 00:15


NVD link : CVE-2006-4042

Mitre link : CVE-2006-4042

CVE.ORG link : CVE-2006-4042


JSON object : View

Products Affected

mywebland

  • mybloggie
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')