CVE-2006-2127
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/05/2006
Last modified:
03/04/2025
Description
SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter.
Impact
Base Score 2.0
6.40
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:blog_mod:blog_mod:0.2.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:blog_mod:blog_mod:0.2.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:blog_mod:blog_mod:0.2.4b:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://securityreason.com/securityalert/810
- http://www.securityfocus.com/archive/1/432602/100/0/threaded
- http://www.securityfocus.com/bid/17744
- http://www.us-cert.gov/cas/techalerts/TA06-164A.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26198
- http://securityreason.com/securityalert/810
- http://www.securityfocus.com/archive/1/432602/100/0/threaded
- http://www.securityfocus.com/bid/17744
- http://www.us-cert.gov/cas/techalerts/TA06-164A.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26198