SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, id and (2) url parameter to (b) jump.php, and id variable to (c) detail.php.
References
Configurations
History
21 Nov 2024, 00:28
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/2417 - | |
References | () http://www.securityfocus.com/archive/1/462441/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/22911 - Exploit | |
References | () http://www.vupen.com/english/advisories/2007/0916 - |
Information
Published : 2007-03-13 19:19
Updated : 2024-11-21 00:28
NVD link : CVE-2007-1434
Mitre link : CVE-2007-1434
CVE.ORG link : CVE-2007-1434
JSON object : View
Products Affected
grayscale
- grayscale_blog
CWE