CVE

Id
32786  
CVE No.
CVE-2008-2669  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php.  
Phase
Assigned (20080611)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
354935 32786 CVE-2008-2669 BUGTRAQ:20080610 [web-app] yBlog 0.2.2.2 Multiple Remote Vulnerabilities  View
354936 32786 CVE-2008-2669 URL:http://www.securityfocus.com/archive/1/archive/1/493222/100/0/threaded  View
354937 32786 CVE-2008-2669 MILW0RM:5773  View
354938 32786 CVE-2008-2669 URL:http://www.milw0rm.com/exploits/5773  View
354939 32786 CVE-2008-2669 MISC:http://chroot.org/exploits/chroot_uu_009  View
354940 32786 CVE-2008-2669 BID:29629  View
354941 32786 CVE-2008-2669 URL:http://www.securityfocus.com/bid/29629  View
354942 32786 CVE-2008-2669 SECUNIA:30607  View
354943 32786 CVE-2008-2669 URL:http://secunia.com/advisories/30607  View
354944 32786 CVE-2008-2669 SREASON:3935  View
354945 32786 CVE-2008-2669 URL:http://securityreason.com/securityalert/3935  View
354946 32786 CVE-2008-2669 XF:yblog-searchuseruss-sql-injection(42959)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
50569 JVNDB-2008-005879 Powie pNews の index.php における SQL インジェクションの脆弱性 Powie pNews の index.php には、magic_quotes_gpc が無効になっている際、SQL インジェクションの脆弱性が存在します。 CVE-2008-2673 32786 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005879.html  View