Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6805

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-6805
Last Modified 19 Aug 2009 01:24:31
Published 11 May 2009 04:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6805

Summary

Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to category.php, the (2) user parameter to login.php, and the (3) site parameter to register.php.

Vulnerable Systems

Application

  • Micgr Mic Blog 0.0.3


References

XF - micblog-category-sql-injection(45932)

BID - 31787

OSVDB - 49188

OSVDB - 49187

OSVDB - 49186

MILW0RM - 6764

SECUNIA - 32310


Last Updated: 27 May 2016 10:49:20