Vulnerability Details CVE-2006-0324
SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.04
EPSS Ranking 88.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://evuln.com/vulns/41/summary.html
- http://secunia.com/advisories/18560
- http://securityreason.com/securityalert/356
- http://securitytracker.com/id?1015522
- http://www.osvdb.org/22670
- http://www.securityfocus.com/archive/1/422364/100/0/threaded
- http://www.securityfocus.com/bid/16319
- http://www.vupen.com/english/advisories/2006/0268
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24222
- https://sourceforge.net/forum/forum.php?forum_id=532233
- https://sourceforge.net/project/shownotes.php?release_id=387180&group_id=156586
- http://evuln.com/vulns/41/summary.html
- http://secunia.com/advisories/18560
- http://securityreason.com/securityalert/356
- http://securitytracker.com/id?1015522
- http://www.osvdb.org/22670
- http://www.securityfocus.com/archive/1/422364/100/0/threaded
- http://www.securityfocus.com/bid/16319
- http://www.vupen.com/english/advisories/2006/0268
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24222
- https://sourceforge.net/forum/forum.php?forum_id=532233
- https://sourceforge.net/project/shownotes.php?release_id=387180&group_id=156586
Products affected by CVE-2006-0324
-
cpe:2.3:a:webspot:webspotblogging:3.0