cbcvebase.
CVE-2008-6180
published 2009-02-19

CVE-2008-6180: SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and possibly 3.3.1, allows remote attackers to execute arbitrary…

PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.68%
74.1th percentile
SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and possibly 3.3.1, allows remote attackers to execute arbitrary SQL commands via the nlb3 cookie.

Affected

2 ranges
VendorProductVersion rangeFixed in
newlife_bloggernewlife_blogger<= 3.0
newlife_bloggernewlife_blogger
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.