blog12SQL.txt

2005-12-09T00:00:00
ID PACKETSTORM:42179
Type packetstorm
Reporter Vipsta
Modified 2005-12-09T00:00:00

Description

                                        
                                            `Blog System v1.2 (http://www.netartmedia.net/blogsystem/)  
is vulnerable to 2 SQL injection vulnerabilities for failure to correctly sanitize SQL parameters.  
  
http://[HOST]/index.php?mode=home&cat=-99[SQL CODE]  
  
http://[HOST]/blog.php?user=[USER]&note=-99[SQL CODE]  
  
  
`