Vulnerability Details CVE-2006-0320
SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog 8.01 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.064
EPSS Ranking 90.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://evuln.com/vulns/31/summary
- http://secunia.com/advisories/18464
- http://www.osvdb.org/22445
- http://www.securityfocus.com/archive/1/422068/100/0/threaded
- http://www.securityfocus.com/bid/16244
- http://www.vupen.com/english/advisories/2006/0195
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24124
- http://evuln.com/vulns/31/summary
- http://secunia.com/advisories/18464
- http://www.osvdb.org/22445
- http://www.securityfocus.com/archive/1/422068/100/0/threaded
- http://www.securityfocus.com/bid/16244
- http://www.vupen.com/english/advisories/2006/0195
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24124
Products affected by CVE-2006-0320
-
cpe:2.3:a:bit_5_blog:bit_5_blog:*