info
discussion
exploit
solution
references
BlogPHP Multiple SQL Injection Vulnerabilities
An exploit is not required.
The following proof of concept is available:
blogphp_username=admin
blogphp_password=imei' or '1'='1
Privacy Statement
Copyright 2010, SecurityFocus
