SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, id and (2) url parameter to (b) jump.php, and id variable to (c) detail.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-03-13T19:00:00
Updated: 2018-10-16T14:57:01
Reserved: 2007-03-13T00:00:00
Link: CVE-2007-1434
JSON object: View
NVD Information
Status : Modified
Published: 2007-03-13T19:19:00.000
Modified: 2018-10-16T16:38:30.017
Link: CVE-2007-1434
JSON object: View
Redhat Information
No data.
CWE