MyBloggie 2.1.3 - Search.PHP SQL Injection Vulnerability

ID EDB-ID:26326
Type exploitdb
Reporter trueend5
Modified 2005-10-06T00:00:00


MyBloggie 2.1.3 Search.PHP SQL Injection Vulnerability. Webapps exploit for php platform


myBloggie is prone to an SQL injection vulnerability. This is due to a lack of sanitization of user-supplied input before passing it on to SQL queries.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. 

method="post" name="search" onsubmit="return
checkForm(this)"><center><input type="text"
name="keyword" size="12" value="'SQLInjection"> <input
type="submit" value="Inject this"></center></form>