Vulnonym.org

CVE-2008-2626 - Unimpressible Durability

Description

SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter.

Reference

http://secunia.com/advisories/30503 http://www.davethewebguy.com/battleblog/article.asp?entry=24 http://www.securityfocus.com/bid/29507 http://www.vupen.com/english/advisories/2008/1737/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42818 https://www.exploit-db.com/exploits/5731