CVE-2007-2305 Information

Description

Multiple SQL injection vulnerabilities in authenticate.php in Quick and Dirty Blog (QDBlog) 0.4 and possibly earlier allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

Reference

http://osvdb.org/35746 http://www.securityfocus.com/bid/23485 http://www.vupen.com/english/advisories/2007/1387 https://exchange.xforce.ibmcloud.com/vulnerabilities/33631 https://www.exploit-db.com/exploits/3729