CVE-2007-3979

2007-07-2517:00:00

mitre

www.cve.org

AI Score

8.4

Confidence

Low

EPSS

0.01

Percentile

84.1%

JSON

SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter.

References

osvdb.org/36278

secunia.com/advisories/26170

www.securityfocus.com/bid/24976

www.vupen.com/english/advisories/2007/2607

exchange.xforce.ibmcloud.com/vulnerabilities/35514

www.exploit-db.com/exploits/4206