CVE-2006-6191

Description

SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

• 8pixel.net / simple_blog2.3
• 8pixel.net / simple_blog2.0 – 2.0
• 8pixel.net / simple_blog2.1 – 2.1
• 8pixel.net / simple_blog2.2 – 2.2

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/30483
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4742
• VENDOR_ADVISORYhttp://secunia.com/advisories/23098
• EXPLOIThttps://www.exploit-db.com/exploits/2853