2 matches found
CVE-2006-4857
CVE-2006-4857 is an SQL injection vulnerability in the default.asp login page of ClickTech ClickBlog 2.0. The issue permits remote attackers to execute arbitrary SQL commands via the username and form_codeword parameters. The vulnerability is categorized with a high base score (CVSS v2: 7.5; Netw...
CVE-2006-6189
CVE-2006-6189 describes an SQL injection in the web application component displayCalendar.asp of ClickTech Click Blog . The vulnerability allows remote attackers to inject arbitrary SQL commands via the date parameter, leading to potential data exposure or manipulation. The existing connected sou...