Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1570

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1570
Last Modified 05 Sep 2008 04:41:46
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1570

Summary

SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter.

Vulnerable Systems

Application

  • Eaden Mckee Bblog 0.7.2

  • Eaden Mckee Bblog 0.7.3


References

BUGTRAQ - 20041001 SQL Injection vulnerability in bBlog 0.7.3

XF - bblog-array-sql-injection(17552)

MISC - http://www.servers.co.nz/security/SCN200409-1.php

BID - 11303

SECUNIA - 12691


Last Updated: 27 May 2016 10:39:06