Vulnerability Details CVE-2006-4042
Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) title, (2) url, (3) excerpt, or (4) blog_name parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://retrogod.altervista.org/mybloggie_214_sql.html
- http://secunia.com/advisories/21376
- http://securityreason.com/securityalert/1347
- http://www.securityfocus.com/archive/1/442323/100/0/threaded
- http://www.securityfocus.com/bid/19362
- http://www.vupen.com/english/advisories/2006/3179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28241
- https://www.exploit-db.com/exploits/2118
- http://retrogod.altervista.org/mybloggie_214_sql.html
- http://secunia.com/advisories/21376
- http://securityreason.com/securityalert/1347
- http://www.securityfocus.com/archive/1/442323/100/0/threaded
- http://www.securityfocus.com/bid/19362
- http://www.vupen.com/english/advisories/2006/3179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28241
- https://www.exploit-db.com/exploits/2118