RSS   Vulnerabilities for 'Macguru blog engine plugin'   RSS

2009-03-06
 
CVE-2008-6438

CWE-89
 

 
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.

 

 >>> Vendor: E107coders 2 Products
E107 blog engine
Macguru blog engine plugin


Copyright 2024, cxsecurity.com

 

Back to Top