{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2006-0194", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0194"}, {"tags": ["x_refsource_MISC"], "url": "http://www.hackerscenter.com/archive/view.asp?id=21926"}, {"name": "16243", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16243"}, {"name": "22447", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22447"}, {"name": "20060114 [HSC Security Group] Multiple SQL injection/XSS in SimpleBlog 2.1", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/422102/100/0/threaded"}, {"name": "simpleblog-month-sql-injection(24155)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24155"}, {"name": "18488", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18488"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0240", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2006-0194", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0194"}, {"name": "http://www.hackerscenter.com/archive/view.asp?id=21926", "refsource": "MISC", "url": "http://www.hackerscenter.com/archive/view.asp?id=21926"}, {"name": "16243", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16243"}, {"name": "22447", "refsource": "OSVDB", "url": "http://www.osvdb.org/22447"}, {"name": "20060114 [HSC Security Group] Multiple SQL injection/XSS in SimpleBlog 2.1", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/422102/100/0/threaded"}, {"name": "simpleblog-month-sql-injection(24155)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24155"}, {"name": "18488", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18488"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0240", "datePublished": "2006-01-18T01:00:00", "dateReserved": "2006-01-18T00:00:00", "dateUpdated": "2017-07-19T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:8pixel.net:simple_blog:*:*:*:*:*:*:*:*", "matchCriteriaId": "F539872D-187C-4421-9886-BB909FABB1ED", "versionEndIncluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts."}], "id": "CVE-2006-0240", "lastModified": "2017-07-20T01:29:34.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-01-18T01:07:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://secunia.com/advisories/18488"}, {"source": "cve@mitre.org", "url": "http://www.hackerscenter.com/archive/view.asp?id=21926"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/22447"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/422102/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/16243"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/0194"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24155"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}