Sql injection

2006-01-1801:07:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.5%

JSON

Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts.

CPENameOperatorVersion
simple_blogle2.1

CPE	Name	Operator	Version
	simple_blog	le	2.1

References

secunia.com/advisories/18488

www.hackerscenter.com/archive/view.asp?id=21926

www.osvdb.org/22447

www.securityfocus.com/archive/1/422102/100/0/threaded

www.securityfocus.com/bid/16243

www.vupen.com/english/advisories/2006/0194

exchange.xforce.ibmcloud.com/vulnerabilities/24155