CVE-2006-0318

2006-01-1901:00:00

mitre

www.cve.org

8.6 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.

References

evuln.com/vulns/34/summary

secunia.com/advisories/18467

www.osvdb.org/22495

www.securityfocus.com/archive/1/422137/100/0/threaded

www.securityfocus.com/bid/16269

www.vupen.com/english/advisories/2006/0204

exchange.xforce.ibmcloud.com/vulnerabilities/24131