4 matches found
E107 BLOG Engine Plugin Remote SQL Injection (CVE-2008-6438)
An SQL injection vulnerability has been reported in E107coders Macguru Blog Engine Plugin. An attacker could exploit this vulnerability via the uid parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2008-6438
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...
CVE-2008-6438
The provided data confirms a concrete SQL injection vulnerability in the MacGuru BLOG Engine plugin for e107 (MacGuru Blog Engine). Affected component: macgurublog_menu/macgurublog.php (v2.2, with note that 2.1.4 is also affected) and, per related entries, comment.php. Root cause: unsanitized inp...
CVE-2008-6438
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...