3 matches found
ClickBlog! 2.0 Default.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20033/info ClickBlog! is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
CVE-2006-4857
SQL injection vulnerability in default.asp aka the login page in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 formcodeword aka the Password field parameters...
CVE-2006-4857
CVE-2006-4857 is an SQL injection vulnerability in the default.asp login page of ClickTech ClickBlog 2.0. The issue permits remote attackers to execute arbitrary SQL commands via the username and form_codeword parameters. The vulnerability is categorized with a high base score (CVSS v2: 7.5; Netw...