2 matches found
Sql injection
SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows remote attackers to execute arbitrary SQL commands via the var parameter, a different vector than CVE-2006-5976...
CVE-2006-5976
CVE-2006-5976 describes multiple SQL injection vulnerabilities in BlogMe 3.0 affecting the admin_login.asp page. The vulnerability allows remote attackers to insert or modify SQL statements through the (1) Username or (2) Password fields, enabling arbitrary SQL execution. This is a remote, unauth...