Return to CVE list

CVE-2006-1140

7.5
Critical

CVE-2006-1140

cve@mitre.org
Deferred
View on MITREFind on GitHub

Description

SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.

Exploits

15672006-03-08webappsPHP

RedBLoG 0.5 - 'cat_id' SQL Injection

By x128

References

cve@mitre.org
http://secunia.com/advisories/19181
cve@mitre.org
http://www.securityfocus.com/bid/17041
cve@mitre.org
http://www.vupen.com/english/advisories/2006/0894
cve@mitre.org
http://www.x128.net/redblog-05-remote-sql-injection.txt
cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/25122
af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/19181
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/17041
af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/0894
af854a3a-2127-422b-91ae-364da2661108
http://www.x128.net/redblog-05-remote-sql-injection.txt
af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/25122