Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0240

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0240
Last Modified 06 Sep 2011 12:00:00
Published 17 Jan 2006 08:07:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0240

Summary

Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts.

Vulnerable Systems

Application

  • 8pixel.net Simple Blog 2.1


References

XF - simpleblog-month-sql-injection(24155)

VUPEN - ADV-2006-0194

BID - 16243

BUGTRAQ - 20060114 [HSC Security Group] Multiple SQL injection/XSS in SimpleBlog 2.1

OSVDB - 22447

MISC - http://www.hackerscenter.com/archive/view.asp?id=21926

SECUNIA - 18488


Last Updated: 27 May 2016 10:41:35