Vulnerabilities > CVE-2007-3003 - SQL Injection vulnerability in MyBloggie

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

mywebland

exploit available

NVD

Published: 2007-06-04

Updated: 2018-10-16

Summary

Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225.

Vulnerable Configurations

Part	Description	Count
Application	Mywebland Mywebland Mybloggie *	1

Exploit-Db

description	MyBloggie 2.1.x Index.PHP Multiple SQL Injection Vulnerabilities. CVE-2007-3003. Webapps exploit for php platform
id	EDB-ID:30111
last seen	2016-02-03
modified	2007-05-31
published	2007-05-31
reporter	[email protected]
source	https://www.exploit-db.com/download/30111/
title	MyBloggie 2.1.x Index.PHP Multiple SQL Injection Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References