Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2127

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2127
Last Modified 05 Sep 2008 05:03:44
Published 01 May 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2127

Summary

SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter.

Vulnerable Systems

Application

  • Blog Mod 0.2.3

  • Blog Mod 0.2.4

  • Blog Mod 0.2.4b


References

CERT - TA06-164A

BID - 17744

BUGTRAQ - 20060429 Blog Mod <= 0.2.x SQL Injection

XF - blogmod-weblogposting-sql-injection(26198)

SREASON - 810


Last Updated: 27 May 2016 10:42:20