Vulnerabilities > CVE-2007-0759 - Unspecified vulnerability in Umberto Caldera Easymoblog 0.5.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN umberto-caldera
exploit available
Summary
Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow remote attackers to execute arbitrary SQL commands via the (1) i or (2) post_id parameter to add_comment.php, which triggers an injection in libraries.inc.php; or (3) the i parameter to list_comments.php, which triggers an injection in libraries.inc.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | EasyMoblog 0.5.1 Multiple Input Validation Vulnerabilities. CVE-2007-0759. Webapps exploit for php platform |
| id | EDB-ID:29559 |
| last seen | 2016-02-03 |
| modified | 2007-02-02 |
| published | 2007-02-02 |
| reporter | Tal Argoni |
| source | https://www.exploit-db.com/download/29559/ |
| title | EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0052.html
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0052.html
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0054.html
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0054.html
- http://osvdb.org/33636
- http://osvdb.org/33636
- http://secunia.com/advisories/19370
- http://secunia.com/advisories/19370
- http://www.securityfocus.com/bid/22369
- http://www.securityfocus.com/bid/22369
- http://www.zion-security.com/text/Sql_Vulnerability_EasymoBlog%232.txt
- http://www.zion-security.com/text/Sql_Vulnerability_EasymoBlog%232.txt
- http://www.zion-security.com/text/Sql_Vulnerability_EasymoBlog.txt
- http://www.zion-security.com/text/Sql_Vulnerability_EasymoBlog.txt