QDBlog Multiple Scripts Multiple Input Validation Vulnerabilities

QDBlog Multiple Scripts Multiple Input Validation Vulnerabilities

QDBlog is prone to multiple input-validation vulnerabilities, including SQL-injection and local file-include issues, because the application fails to sanitize user-supplied input.

A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, exploit vulnerabilities in the underlying database implementation, and execute arbitrary code within the webserver process. Other attacks are also possible.

QDBlog 0.4 is vulnerable; other versions may also be affected.