CVE-2008-3302 Information

Description

SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1 when magic_quotes_gpc is disabled allows remote authenticated administrators to execute arbitrary SQL commands via the num parameter.

Reference

http://secunia.com/advisories/31054 http://securityreason.com/securityalert/4036 https://exchange.xforce.ibmcloud.com/vulnerabilities/43765 https://www.exploit-db.com/exploits/6073