Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3090

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3090
Last Modified 14 May 2009 01:25:57
Published 09 Jul 2008 03:33:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3090

Summary

Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.

Vulnerable Systems

Application

  • Blognplus 2.5.5


References

MISC - http://vuln.sg/blognplus255-en.html

XF - blognplus-dm-sql-injection(43593)

XF - blognplus-index-sql-injection(43592)

BID - 30104

MISC - http://www.blogn.org/index.php?e=171

SECUNIA - 30959


Last Updated: 27 May 2016 10:48:04