CVE-2008-2670

2008-06-12T02:32:00
ID CVE-2008-2670
Type cve
Reporter cve@mitre.org
Modified 2018-10-11T20:42:00

Description

Multiple SQL injection vulnerabilities in index.php in Insanely Simple Blog 0.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter, or (2) the term parameter in a search action. NOTE: the current_subsection parameter is already covered by CVE-2007-3889.