SmartBlog Multiple Input Validation Vulnerabilities

SmartBlog is prone to multiple vulnerabilities, including SQL-injection issues and a local file-include issue, because it fails to sufficiently sanitize user-supplied data.

Successful exploits of these vulnerabilities may allow attackers to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or view files and execute local scripts in the context of the webserver process.

SmartBlog 1.3 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus