CVE-2006-2127
published 2006-05-01CVE-2006-2127: SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter.
PriorityP433medium6.4CVSS 2.0
AVNACLAuNCPIPAN
EXPLOIT
EPSS
1.51%
71.3th percentile
SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| blog_mod | blog_mod | — | — |
| blog_mod | blog_mod | — | — |
| blog_mod | blog_mod | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://securityreason.com/securityalert/810http://www.securityfocus.com/archive/1/432602/100/0/threadedhttp://www.securityfocus.com/bid/17744http://www.us-cert.gov/cas/techalerts/TA06-164A.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/26198http://securityreason.com/securityalert/810http://www.securityfocus.com/archive/1/432602/100/0/threadedhttp://www.securityfocus.com/bid/17744http://www.us-cert.gov/cas/techalerts/TA06-164A.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/26198
2006-05-01
Published