Vulnerabilities > CVE-2006-0345 - Input Validation vulnerability in Saral Kaushik Saralblog 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
saral-kaushik
exploit available
NVD
Published: 2006-01-21
Updated: 2017-07-20

Summary

Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary SQL commands via the search parameter to search.php. NOTE: the id/viewprofile.php issue is already covered by CVE-2005-4058.

Vulnerable Configurations

Part Description Count
Application
Saral_Kaushik
1

Exploit-Db

descriptionSaralBlog 1.0 Multiple Input Validation Vulnerabilities. CVE-2006-0345. Webapps exploit for php platform
idEDB-ID:27112
last seen2016-02-03
modified2006-01-18
published2006-01-18
reporterAliaksandr Hartsuyeu
sourcehttps://www.exploit-db.com/download/27112/
titleSaralBlog 1.0 - Multiple Input Validation Vulnerabilities

References