Sql injection

2006-01-1901:03:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.

CPENameOperatorVersion
blogphpeq1.0

CPE	Name	Operator	Version
	blogphp	eq	1.0

References

evuln.com/vulns/34/summary

secunia.com/advisories/18467

www.osvdb.org/22495

www.securityfocus.com/archive/1/422137/100/0/threaded

www.securityfocus.com/bid/16269

www.vupen.com/english/advisories/2006/0204

exchange.xforce.ibmcloud.com/vulnerabilities/24131