Vulnerabilities > Clicktech > Clickblog > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-01 | CVE-2006-6189 | SQL Injection vulnerability in Clickblog Displaycalendar.ASP SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers to execute arbitrary SQL commands via the date parameter. | 7.5 |
2006-09-19 | CVE-2006-4857 | SQL Injection vulnerability in Clicktech Clickblog 2.0 SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) form_codeword (aka the Password field) parameters. | 7.5 |