Vulnerabilities > CVE-2006-0320 - SQL Injection vulnerability in Bit 5 Blog

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
bit-5-blog
exploit available

Summary

SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog 8.01 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameter.

Vulnerable Configurations

Part Description Count
Application
Bit_5_Blog
1

Exploit-Db

descriptionBit 5 Blog 8.1 Index.PHP SQL Injection Vulnerability. CVE-2006-0320. Webapps exploit for php platform
idEDB-ID:27084
last seen2016-02-03
modified2006-01-16
published2006-01-16
reporterAliaksandr Hartsuyeu
sourcehttps://www.exploit-db.com/download/27084/
titleBit 5 Blog 8.1 Index.PHP SQL Injection Vulnerability