CVE-2007-1510

Particle Blogger - SQL Injection

Title source: rule

Description

SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by WiLdBoY · htmlwebappsphp

https://www.exploit-db.com/exploits/3500

View Code ZIP pw:eip

References (9)

[Various Sources] http://forums.particlesoft.net/viewtopic.php?t=675

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/33030

[Third Party Advisory, VDB Entry] http://osvdb.org/34305

[Third Party Advisory] http://secunia.com/advisories/24559

[Third Party Advisory] http://securityreason.com/securityalert/2460

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3500

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/23005

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/463027/100/0/threaded

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/1006

Scores

EPSS 0.0599

EPSS Percentile 90.7%

Details

Status published

Products (2)

particle_blogger/particle_blogger 1.0.0

particle_blogger/particle_blogger 1.2.0

Published Mar 20, 2007

Tracked Since Feb 18, 2026