Vulnerabilities > CVE-2006-4202 - SQL Injection vulnerability in Spidey Blog Script PID Parameter

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
spidey-blog
exploit available
NVD
Published: 2006-08-17
Updated: 2017-10-19

Summary

SQL injection vulnerability in proje_goster.php in Spidey Blog Script 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter.

Vulnerable Configurations

Part Description Count
Application
Spidey_Blog
1

Exploit-Db

  • descriptionSpidey Blog Script <= 1.5 (tr) Remote SQL Injection Exploit. CVE-2006-4202. Webapps exploit for asp platform
    idEDB-ID:2421
    last seen2016-01-31
    modified2006-09-24
    published2006-09-24
    reportergega
    sourcehttps://www.exploit-db.com/download/2421/
    titleSpidey Blog Script <= 1.5 tr Remote SQL Injection Exploit
  • descriptionSpidey Blog Script <= 1.5 (tr) Remote SQL Injection Vulnerability. CVE-2006-4202. Webapps exploit for asp platform
    fileexploits/asp/webapps/2186.txt
    idEDB-ID:2186
    last seen2016-01-31
    modified2006-08-14
    platformasp
    port
    published2006-08-14
    reporterASIANEAGLE
    sourcehttps://www.exploit-db.com/download/2186/
    titleSpidey Blog Script <= 1.5 tr Remote SQL Injection Vulnerability
    typewebapps

References