CVE-2006-0403

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
25/01/2006
Last modified:
03/04/2025

Description

Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) monthy parameter to index.php or (2) login parameter to admin/index.php. NOTE: some sources have reported item 1 as involving the "monthly" parameter, but this is incorrect.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:e-moblog:e-moblog:1.3:*:*:*:*:*:*:*