SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter.
References
Configurations
History
No history.
Information
Published : 2008-06-23 17:41
Updated : 2024-02-28 11:21
NVD link : CVE-2008-2823
Mitre link : CVE-2008-2823
CVE.ORG link : CVE-2008-2823
JSON object : View
Products Affected
phpeasynews
- phpeasyblog
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')