CVE-2007-4919 Information

Description

Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote attackers to execute arbitrary SQL commands via the id parameter to index.php and allow (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/modifpost.php.

Reference

http://www.securityfocus.com/bid/25669 http://www.vupen.com/english/advisories/2007/3178 https://exchange.xforce.ibmcloud.com/vulnerabilities/36602 https://www.exploit-db.com/exploits/4408