CVE-2007-3557

2007-07-04T16:30:00
ID CVE-2007-3557
Type cve
Reporter cve@mitre.org
Modified 2018-10-15T21:29:00

Description

SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. Successful exploitation of this vulnerability requires that "register_globals" is enabled.