Vulnerabilities > CVE-2007-3889 - Unspecified vulnerability in Insanely Simple Blog Insanely Simple Blog
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN insanely-simple-blog
exploit available
Summary
Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attackers to execute arbitrary SQL commands via the current_subsection parameter to index.php and other unspecified vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Insanely Simple Blog 0.4/0.5 index.php current_subsection Parameter SQL Injection. CVE-2007-3889 . Webapps exploit for php platform id EDB-ID:30317 last seen 2016-02-03 modified 2007-07-17 published 2007-07-17 reporter joseph.giron13 source https://www.exploit-db.com/download/30317/ title Insanely Simple Blog 0.4/0.5 index.php current_subsection Parameter SQL Injection id EDB-ID:5774
References
- http://chroot.org/exploits/chroot_uu_010
- http://chroot.org/exploits/chroot_uu_010
- http://secunia.com/advisories/26105
- http://secunia.com/advisories/26105
- http://securityreason.com/securityalert/2904
- http://securityreason.com/securityalert/2904
- http://www.securityfocus.com/archive/1/473868/100/0/threaded
- http://www.securityfocus.com/archive/1/473868/100/0/threaded
- http://www.securityfocus.com/archive/1/493224/100/0/threaded
- http://www.securityfocus.com/archive/1/493224/100/0/threaded
- http://www.securityfocus.com/bid/24934
- http://www.securityfocus.com/bid/24934
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35450
- https://www.exploit-db.com/exploits/5774
- https://www.exploit-db.com/exploits/5774