Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability

Salvatore "drosophila" Fresta Application: Max.Blog http://www.mzbservices.com Version: Max.Blog = 1.0.6 Bug: SQL Injection Exploitation: Remote Dork: intext:"Powered by Max.Blog" Date: 20 Jan 2009 Discovered by: Salvatore "drosophila" Fresta Author: Salvatore "drosophila" Fresta e-mail:...