3 matches found
CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter aka the Username field. NOTE: some of these details are obtained from third party information...
CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter aka the Username field. NOTE: some of these details are obtained from third party information...
CVE-2009-1453
CVE-2009-1453 : A SQL injection vulnerability exists in Tiny Blogr 1.0.0 rc4, specifically in class.eport.php. When magic_quotes_gpc is disabled, an attacker can manipulate the txtUsername parameter (the Username field) to execute arbitrary SQL commands remotely. This is a classic input-validatio...