CVE-2005-2009 Information

Description

Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) ci (2) d or (3) m parameter to index.asp or the (4) bi parameter to blog_comment.asp.

Reference

http://echo.or.id/adv/adv18-theday-2005.txt http://marc.info/?l=bugtraq&m=111928552304897&w=2 http://www.vupen.com/english/advisories/2005/0818