CVE-2007-3824 Information

Description

SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows remote attackers to execute arbitrary SQL commands via the katID parameter.

Reference

http://osvdb.org/36257 http://secunia.com/advisories/26070 http://www.packetstormsecurity.org/0707-exploits/mzkblog-sql.txt http://www.securityfocus.com/bid/24909 http://www.vupen.com/english/advisories/2007/2542 https://exchange.xforce.ibmcloud.com/vulnerabilities/35424