CVE-2008-0677
CVE-2008-0677 concerns an SQL injection in blog.php of A-Blog 2, triggered via the id parameter in a news action. The underlying issue is improper input handling in a PHP-based blog component, allowing an attacker to craft the id value to modify the SQL query executed by the application. Impact, ...