Test Kennung:	1.3.6.1.4.1.25623.1.0.15466
Kategorie:	Web application abuses
Titel:	bBlog SQL injection flaw
Zusammenfassung:	The remote server runs a version of bBlog which is as old as or; older than version 0.7.4.
Beschreibung:	Summary: The remote server runs a version of bBlog which is as old as or older than version 0.7.4. Vulnerability Insight: The remote version of this software is affected by a SQL injection attacks in the script 'rss.php'. This issue is due to a failure of the application to properly sanitize user-supplied input. Vulnerability Impact: An attacker may use these flaws to execute arbitrary PHP code on this host or to take the control of the remote database. Solution: Upgrade to version 0.7.4 or newer. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 11303 Common Vulnerability Exposure (CVE) ID: CVE-2004-1570 http://www.securityfocus.com/bid/11303 Bugtraq: 20041001 SQL Injection vulnerability in bBlog 0.7.3 (Google Search) http://marc.info/?l=bugtraq&m=109665351632048&w=2 http://www.servers.co.nz/security/SCN200409-1.php http://secunia.com/advisories/12691 XForce ISS Database: bblog-array-sql-injection(17552) https://exchange.xforce.ibmcloud.com/vulnerabilities/17552
Copyright	Copyright (C) 2004 David Maciejak

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.