Vulnerabilities > CVE-2007-3450 - SQL-Injection vulnerability in 6Alblog

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
gorani-network
exploit available

Summary

SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Gorani_Network
1

Exploit-Db

description6ALBlog (newsid) Remote SQL Injection Vulnerability. CVE-2007-3449,CVE-2007-3450,CVE-2007-3451. Webapps exploit for php platform
fileexploits/php/webapps/4104.txt
idEDB-ID:4104
last seen2016-01-31
modified2007-06-25
platformphp
port
published2007-06-25
reporterCrackers_Child
sourcehttps://www.exploit-db.com/download/4104/
title6ALBlog newsid Remote SQL Injection Vulnerability
typewebapps