Vulnerabilities > CVE-2005-2009 - SQL-Injection vulnerability in Ublog Reload 1.0.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) ci, (2) d, or (3) m parameter to index.asp, or the (4) bi parameter to blog_comment.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Ublog Reload 1.0.5 blog_comment.asp y Parameter SQL Injection. CVE-2005-2009. Webapps exploit for asp platform id EDB-ID:25844 last seen 2016-02-03 modified 2005-06-20 published 2005-06-20 reporter Dedi Dwianto source https://www.exploit-db.com/download/25844/ title Ublog Reload 1.0.5 blog_comment.asp y Parameter SQL Injection description Ublog Reload 1.0.5 index.asp Multiple Parameter SQL Injection. CVE-2005-2009 . Webapps exploit for asp platform id EDB-ID:25843 last seen 2016-02-03 modified 2005-06-20 published 2005-06-20 reporter Dedi Dwianto source https://www.exploit-db.com/download/25843/ title Ublog Reload 1.0.5 index.asp Multiple Parameter SQL Injection