Blur6ex CVE-2006-3065 SQL-Injection Vulnerability

Blur6ex is prone to a sql-injection vulnerability. SQL injection vulnerability in engine/shards/blog.php in blur6ex 0.3.462 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a proc_reply action in the blog shard. NOTE: This is a similar vulnerability to CVE-2006-1763, but the affected code and versions are different.


 

Privacy Statement
Copyright 2010, SecurityFocus