Vulnerabilities > CVE-2006-4300 - Unspecified vulnerability in 8Pixel.Net Simple Blog
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Exploit. CVE-2006-4300. Webapps exploit for php platform file exploits/php/webapps/2232.pl id EDB-ID:2232 last seen 2016-01-31 modified 2006-08-20 platform php port published 2006-08-20 reporter ASIANEAGLE source https://www.exploit-db.com/download/2232/ title SimpleBlog <= 2.0 comments.asp Remote SQL Injection Exploit type webapps description SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Vulnerability. CVE-2006-4300. Webapps exploit for asp platform file exploits/asp/webapps/2228.txt id EDB-ID:2228 last seen 2016-01-31 modified 2006-08-20 platform asp port published 2006-08-20 reporter Chironex Fleckeri source https://www.exploit-db.com/download/2228/ title SimpleBlog <= 2.0 comments.asp Remote SQL Injection Vulnerability type webapps
References
- http://secunia.com/advisories/18488/
- http://securityreason.com/securityalert/1440
- http://www.securityfocus.com/archive/1/443923/100/0/threaded
- http://www.securityfocus.com/bid/19609/info
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28470
- https://www.exploit-db.com/exploits/2228
- https://www.exploit-db.com/exploits/2232