CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
77.7%
Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) blogid parameter in (a) index.php and (b) archive.php, the (2) m and (3) y parameters in archive.php, and the (4) sql parameter in © server.php.
retrogod.altervista.org/simplog_092_incl_xpl.html
secunia.com/advisories/19628
securityreason.com/securityalert/702
securitytracker.com/id?1015904
www.osvdb.org/24560
www.osvdb.org/24561
www.securityfocus.com/archive/1/430743/100/0/threaded
www.securityfocus.com/bid/17491
www.vupen.com/english/advisories/2006/1332
exchange.xforce.ibmcloud.com/vulnerabilities/25776
www.exploit-db.com/exploits/1663