CVE-2006-4300

Description

SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

• 8pixel.net / simple_blog2.0

References

• MISChttp://www.securityfocus.com/archive/1/443923/100/0/threaded
• EXPLOIThttps://www.exploit-db.com/exploits/2228
• MISChttp://securityreason.com/securityalert/1440
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/28470
• MISChttp://www.securityfocus.com/bid/19609/info
• EXPLOIThttps://www.exploit-db.com/exploits/2232
• VENDOR_ADVISORYhttp://secunia.com/advisories/18488/