sBLOG Local File Include Vulnerability

sBlog is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to access sensitive information and to execute local script code in the context of the application; this may facilitate other attacks against the affected computer.

sBlog 7.3 Beta is vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus