CVE-2007-3449
CVE-2007-3449 describes an SQL injection vulnerability in the 6ALBlog software, specifically in the file and function related to member.php, where the vulnerable parameter is newsid . An attacker can remotely craft input to cause arbitrary SQL commands to be executed by the backend database. The ...