Vulnerabilities > John GEO > Blogs Manager > 1.101
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-23 | CVE-2011-5110 | SQL Injection vulnerability in John GEO Blogs Manager 1.101 Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to (1) _authors_list.php, (2) _blogs_list.php, (3) _category_list.php, (4) _comments_list.php, (5) _policy_list.php, (6) _rate_list.php, (7) categoriesblogs_list.php, (8) chosen_authors_list.php, (9) chosen_blogs_list.php, (10) chosen_comments_list.php, and (11) help_list.php in blogs/. | 7.5 |