Blursoft blur6ex 0.3.462 index.php ID sql injection

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Blursoft blur6ex 0.3.462. Affected by this vulnerability is an unknown code block of the file index.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field03/12/2015 12:19 PM07/24/2018 10:07 AM
securityfocus_classInput Validation ErrorInput Validation Error
securityfocus_titleBlursoft Blur6ex Multiple Input Validation VulnerabilitiesBlursoft Blur6ex Multiple Input Validation Vulnerabilities
xforce2575925759
xforce_titleblur6ex index.php SQL injectionblur6ex index.php SQL injection
xforce_identifierblur6ex-index-sql-injectionblur6ex-index-sql-injection
seealso29628 2962729628 29627
cwe89 (sql injection)89 (sql injection)
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiNN
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlUU
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlUU
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
vendorBlursoftBlursoft
nameblur6exblur6ex
version0.3.4620.3.462
fileindex.phpindex.php
argumentIDID
risk22
cvss2_vuldb_basescore5.05.0
cvss2_vuldb_tempscore5.05.0
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acLL
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore5.35.3
cvss3_meta_tempscore5.35.3
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.35.3
date1144800000 (04/12/2006)1144800000 (04/12/2006)
urlhttp://www.securityfocus.com/archive/1/archive/1/430607/100/0/threadedhttp://www.securityfocus.com/archive/1/archive/1/430607/100/0/threaded
price_0day$0-$5k$0-$5k
cveCVE-2006-1763CVE-2006-1763
cve_assigned11448000001144800000
cve_nvd_published11448000001144800000
cve_nvd_summaryMultiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a (1) g_reply or (2) g_permaPost action to the blog shard (engine/shards/blog.php), or a (3) g_viewContent action to the content shard (engine/shards/content.php).Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a (1) g_reply or (2) g_permaPost action to the blog shard (engine/shards/blog.php), or a (3) g_viewContent action to the content shard (engine/shards/content.php).
securityfocus1746517465
securityfocus_date1144713600 (04/11/2006)1144713600 (04/11/2006)
person_nameRusydi Hasan M

Want to stay up to date on a daily basis?

Enable the mail alert feature now!