Back to search
CVE-2006-1778
Published: Apr 13, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) blogid parameter in (a) index.php and (b) archive.php, the (2) m and (3) y parameters in archive.php, and the (4) sql parameter in (c) server.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
19628
third-party-advisory
x_refsource_SECUNIA
simplog-index-archive-sql-injection(25776)
vdb-entry
x_refsource_XF
1015904
vdb-entry
x_refsource_SECTRACK
1663
exploit
x_refsource_EXPLOIT-DB
20060412 Simplog <=0.9.2 multiple vulnerabilities
mailing-list
x_refsource_BUGTRAQ
24560
vdb-entry
x_refsource_OSVDB
17491
vdb-entry
x_refsource_BID
702
third-party-advisory
x_refsource_SREASON
http://retrogod.altervista.org/simplog_092_incl_xpl.html
x_refsource_MISC
24561
vdb-entry
x_refsource_OSVDB
ADV-2006-1332
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now