Published: 09/07/2008 Updated: 11/10/2017

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote malicious users to execute arbitrary SQL commands via (1) the user_id parameter in a viewuser action to index.php, and allow remote authenticated administrators to execute arbitrary SQL commands via (2) the post_id parameter in an edit action to admin.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mywebland mybloggie 2.1.6

netVigilance Security Advisory #40 myBloggie version 216 Multiple SQL Injection Vulnerability Description: myBloggie (myweblandcom/mybloggie/) is considered one of the most simple, user-friendliest yet packed with features Weblog system available to date Built using PHP & mySQL, web most popular scripting language & database ...

myBloggie version 216 suffers from multiple remote SQL injection vulnerability ...

CWE-89 http://descriptions.securescout.com/tc/17969 http://www.netvigilance.com/advisory0040 http://secunia.com/advisories/30892 https://www.exploit-db.com/exploits/5975 https://nvd.nist.gov https://www.exploit-db.com/exploits/5975/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-1899

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect