CVE-2006-3065

Name of the Vulnerable Software and Affected Versions blur6ex version 0.3.462

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the ID parameter in a 'proc reply' action within the 'blog' shard of the engine.

Recommendations For blur6ex version 0.3.462, avoid using the ID parameter in the 'proc reply' action of the 'blog' shard until a fix is available. Consider restricting access to the 'blog' shard to minimize the risk of exploitation.