Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1453


Vulnerability Score 6.8 6.8
CVE Id CVE-2009-1453
Last Modified 28 Apr 2009 12:00:00
Published 28 Apr 2009 12:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third party information.

Vulnerable Systems


  • Anoochit Chalothorn Tiny Blogr 1.0.0


BID - 34581

BUGTRAQ - 20090417 Tiny Blogr 1.0.0 rc4 Authentication Bypass

MILW0RM - 8464

SECUNIA - 34768

Last Updated: 27 May 2016 10:50:34