Vulnerabilities > CVE-2007-0759 - Input Validation vulnerability in Umberto Caldera Easymoblog 0.5.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow remote attackers to execute arbitrary SQL commands via the (1) i or (2) post_id parameter to add_comment.php, which triggers an injection in libraries.inc.php; or (3) the i parameter to list_comments.php, which triggers an injection in libraries.inc.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | EasyMoblog 0.5.1 Multiple Input Validation Vulnerabilities. CVE-2007-0759. Webapps exploit for php platform |
| id | EDB-ID:29559 |
| last seen | 2016-02-03 |
| modified | 2007-02-02 |
| published | 2007-02-02 |
| reporter | Tal Argoni |
| source | https://www.exploit-db.com/download/29559/ |
| title | EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0052.html
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0054.html
- http://osvdb.org/33636
- http://secunia.com/advisories/19370
- http://www.securityfocus.com/bid/22369
- http://www.zion-security.com/text/Sql_Vulnerability_EasymoBlog%232.txt
- http://www.zion-security.com/text/Sql_Vulnerability_EasymoBlog.txt