Vulnerabilities > CVE-2007-3979 - SQL Injection vulnerability in BlogSite Professional

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
netart-media
exploit available
NVD
Published: 2007-07-25
Updated: 2017-09-29

Summary

SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter. Further information found at: http://secunia.com/advisories/26170/

Vulnerable Configurations

Part Description Count
Application
Netart_Media
1

Exploit-Db

descriptionBlog System 1.x (index.php news_id) Remote SQL Injection Vulnerability. CVE-2007-3979. Webapps exploit for php platform
fileexploits/php/webapps/4206.txt
idEDB-ID:4206
last seen2016-01-31
modified2007-07-20
platformphp
port
published2007-07-20
reportert0pP8uZz
sourcehttps://www.exploit-db.com/download/4206/
titleBlog System 1.x - index.php news_id Remote SQL Injection Vulnerability
typewebapps

References