CVE-2005-2838 Information

Description

SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.

Reference

http://glide.stanford.edu/yichen/research/sec.pdf http://marc.info/?l=bugtraq&m=112607358831963&w=2 http://mywebland.com/forums/showtopic.php?t=399 http://secunia.com/advisories/16699 http://www.securityfocus.com/archive/1/419280/100/0/threaded http://www.securityfocus.com/bid/14739 https://exchange.xforce.ibmcloud.com/vulnerabilities/22162