CVE-2006-4300

8pixel.net Simple Blog < 2.0 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by ASIANEAGLE · perlwebappsphp

https://www.exploit-db.com/exploits/2232

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Chironex Fleckeri · textwebappsasp

https://www.exploit-db.com/exploits/2228

View Code ZIP pw:eip

References (7)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/28470

[Exploit] http://www.securityfocus.com/bid/19609/info

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/443923/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2228

[Third Party Advisory] http://securityreason.com/securityalert/1440

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2232

[Vendor Advisory] http://secunia.com/advisories/18488/

Scores

EPSS 0.0305

EPSS Percentile 86.7%

Details

Status published

Products (1)

8pixel.net/simple_blog < 2.0

Published Aug 23, 2006

Tracked Since Feb 18, 2026