CVE-2006-0403

Name of the Vulnerable Software and Affected Versions e-moBLOG version 1.3

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the monthy parameter to "index.php" or the login parameter to "admin/index.php".

Recommendations For e-moBLOG version 1.3, consider restricting access to the "index.php" and "admin/index.php" endpoints until a fix is available. As a temporary workaround, avoid using the monthy and login parameters in the affected API endpoints.