Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4049

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4049
Last Modified 07 Mar 2011 09:27:36
Published 07 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4049

Summary

Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.

Vulnerable Systems

Application

  • Netart Media Blog System 1.2


References

XF - blog-system-index-blog-sql-injection(23430)

VUPEN - ADV-2005-2767

BID - 15719

BUGTRAQ - 20051205 Blog System v1.2 Multiple SQL Injection Vulnerabilities

SECTRACK - 1015310

SECUNIA - 17893

OSVDB - 21454

OSVDB - 21453

SREASON - 230

MISC - http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html


Last Updated: 27 May 2016 10:41:10