Published: 28/12/2007 Updated: 15/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in Logaholic prior to 2.0 RC8 allow remote malicious users to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
logaholic logaholic 0

source: wwwsecurityfocuscom/bid/27003/info Logaholic is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues, a cross-site scripting issue, and an HTML-injection issue The issues occur because the application fails to sufficiently sanitize user-supplied data Exploiting these issues could allow a ...

source: wwwsecurityfocuscom/bid/27003/info Logaholic is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues, a cross-site scripting issue, and an HTML-injection issue The issues occur because the application fails to sufficiently sanitize user-supplied data Exploiting these issues could allow an ...

CWE-89 http://www.securityfocus.com/bid/27003 http://secunia.com/advisories/28263 http://securityreason.com/securityalert/3496 http://osvdb.org/39791 http://osvdb.org/39790 http://www.securityfocus.com/archive/1/490101/100/0/threaded http://www.securityfocus.com/archive/1/485480/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30930/

CVE-2007-6559

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect