PT-2006-4751 · Webland · Mywebland Mybloggie

Matrix_Killer

Published

2006-07-27

Updated

2018-10-17

CVE-2006-3905

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Webland MyBloggie version 2.1.3

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the post id parameter in "index.php" and the search function.

Recommendations For Webland MyBloggie version 2.1.3, avoid using the post id parameter in "index.php" and restrict access to the search function until a fix is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-3905

Affected Products

Mywebland Mybloggie

PT-2006-4751 · Webland · Mywebland Mybloggie

CVE-2006-3905

Related Identifiers

Affected Products

References · 8