CVE-2006-1426

High

7.5/10

Summary

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the (1) date parameter in index.php or bypass authentication via the (2) password parameter in admin/index.php.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Mar 28, 2006

CVE-2006-1426

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS