Description
SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the YID parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Chironex Fleckeri · textwebappsasp
https://www.exploit-db.com/exploits/2287
References (5)
Core 5
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/2287
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21741
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/1503
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/445002/100/0/threaded
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3441
Scores
EPSS
0.0133
EPSS Percentile
80.1%
Details
Status
published
Products (1)
icblogger/icblogger
< 2.0
Published
Sep 07, 2006
Tracked Since
Feb 18, 2026