Vulnerabilities > CVE-2006-1333 - SQL Injection vulnerability in BetaParticle Blog
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp or (2) fldGalleryID parameter to template_gallery_detail.asp. Update to version 6.02.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Exploit-Db
description | BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection Exploit. CVE-2006-1333. Webapps exploit for asp platform |
id | EDB-ID:1589 |
last seen | 2016-01-31 |
modified | 2006-03-18 |
published | 2006-03-18 |
reporter | nukedx |
source | https://www.exploit-db.com/download/1589/ |
title | BetaParticle Blog <= 6.0 fldGalleryID Remote SQL Injection Exploit |
References
- http://blog.betaparticle.com/UserFiles/File/6fix.txt
- http://secunia.com/advisories/19292
- http://securityreason.com/securityalert/600
- http://securitytracker.com/id?1015788
- http://www.nukedx.com/?viewdoc=20
- http://www.osvdb.org/23965
- http://www.osvdb.org/23966
- http://www.securityfocus.com/archive/1/428082
- http://www.securityfocus.com/bid/17148
- http://www.vupen.com/english/advisories/2006/1000
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25327