CVE-2008-2184

Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) mois, (2) an, (3) jour, and (4) id parameters to index.php, and the (5) login parameter to gestion/logon.php, different vectors than CVE-2008-2183. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published: May 14, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-2184
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
toocharger / smartblog	1.3	1.3.x

http://secunia.com/advisories/30057
http://www.securityfocus.com/bid/29043
https://exchange.xforce.ibmcloud.com/vulnerabilities/42190
https://exchange.xforce.ibmcloud.com/vulnerabilities/42245

Vulnerability Database

CVE-2008-2184