JBlog admin/modifpost.php id Variable SQL Injection

2007-09-14T17:36:50
ID OSVDB:38560
Type osvdb
Reporter OSVDB
Modified 2007-09-14T17:36:50

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

References:

Secunia Advisory ID:26165 Related OSVDB ID: 38559 Related OSVDB ID: 38557 Related OSVDB ID: 38561 ISS X-Force ID: 36602 Generic Exploit URL: http://www.milw0rm.com/exploits/4408 FrSIRT Advisory: ADV-2007-3178 CVE-2007-4919 Bugtraq ID: 25669