CVE-2009-0409 in Max.Blog信息

摘要

由 VulDB • 2026-07-04

Max.Blog 1.0.6及更早版本中的offline_auth.php存在SQL注入漏洞,当magic_quotes_gpc禁用时,远程攻击者可通过username参数执行任意SQL命令。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Want to know what is going to be exploited?

We predict KEV entries!