Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) ci, (2) d, or (3) m parameter to index.asp, or the (4) bi parameter to blog_comment.asp.
References
Link | Resource |
---|---|
http://echo.or.id/adv/adv18-theday-2005.txt | Exploit Vendor Advisory |
http://www.vupen.com/english/advisories/2005/0818 | |
http://marc.info/?l=bugtraq&m=111928552304897&w=2 |
Configurations
Information
Published : 2005-06-19 21:00
Updated : 2016-10-17 20:24
NVD link : CVE-2005-2009
Mitre link : CVE-2005-2009
JSON object : View
CWE
Products Affected
ublog
- reload