Vulnerabilities > CVE-2006-1334 - SQL Injection vulnerability in Maian Weblog
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Maian Weblog 2.0 mail.php Multiple Parameter SQL Injection. CVE-2006-1334 . Webapps exploit for php platform id EDB-ID:27478 last seen 2016-02-03 modified 2006-03-27 published 2006-03-27 reporter Aliaksandr Hartsuyeu source https://www.exploit-db.com/download/27478/ title Maian Weblog 2.0 mail.php Multiple Parameter SQL Injection description Maian Weblog 2.0 print.php Multiple Parameter SQL Injection. CVE-2006-1334. Webapps exploit for php platform id EDB-ID:27477 last seen 2016-02-03 modified 2006-03-27 published 2006-03-27 reporter Aliaksandr Hartsuyeu source https://www.exploit-db.com/download/27477/ title Maian Weblog 2.0 print.php Multiple Parameter SQL Injection
References
- http://evuln.com/vulns/101/summary.html
- http://secunia.com/advisories/19273
- http://securityreason.com/securityalert/638
- http://securitytracker.com/id?1015818
- http://www.osvdb.org/23945
- http://www.osvdb.org/23946
- http://www.securityfocus.com/archive/1/428903/100/0/threaded
- http://www.securityfocus.com/bid/17159
- http://www.securityfocus.com/bid/17247
- http://www.vupen.com/english/advisories/2006/0994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25295