CVE-2006-4042
Summary
| CVE | CVE-2006-4042 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-08-09 23:04:00 UTC |
| Updated | 2018-10-17 21:33:00 UTC |
| Description | Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) title, (2) url, (3) excerpt, or (4) blog_name parameters. |
Risk And Classification
Problem Types: CWE-89
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| MyBloggie Trackback.PHP Multiple SQL Injection Vulnerabilities | BID | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| SecurityReason - MyBloggie <= 2.1.4 trackback.php SQL injection / admin credentials disclosure | SREASON | securityreason.com | |
| Error 404 :( | MISC | retrogod.altervista.org | |
| MyBloggie 2.1.4 - 'trackback.php' Multiple SQL Injections - PHP webapps Exploit | EXPLOIT-DB | www.exploit-db.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Secunia - Advisories - myBloggie SQL Injection and Table Prefix Disclosure | SECUNIA | secunia.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.