Grayscale Blog CVE-2007-1434 SQL-Injection Vulnerability

Grayscale Blog is prone to a sql-injection vulnerability. SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, id and (2) url parameter to (b) jump.php, and id variable to (c) detail.php.


 

Privacy Statement
Copyright 2010, SecurityFocus