2 matches found
CVE-2005-4225
Multiple "potential" SQL injection vulnerabilities in myBloggie 2.1.3 beta might allow remote attackers to execute arbitrary SQL commands via 1 the category parameter in add.php, 2 the catdesc parameter in addcat.php, 3 the level and user parameters in adduser.php, 4 the postid parameter in...
CVE-2005-2838
CVE-2005-2838 affects myBloggie 2.1.3-beta and earlier; login.php is vulnerable to SQL injection via the username parameter, enabling remote command execution. Affected component is login.php; root cause is unsafely constructed SQL from user input. Public documents confirm the vulnerability and d...