CVE-2008-0446

Julian Pawlowski Lulieblog - SQL Injection

Title source: rule
STIX 2.1

Description

SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Khashayar Fereidani · textwebappsphp
https://www.exploit-db.com/exploits/4969

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27416
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4969
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39854

Scores

EPSS 0.0046
EPSS Percentile 64.3%

Details

CWE
CWE-89
Status published
Products (1)
julian_pawlowski/lulieblog 1.02
Published Jan 25, 2008
Tracked Since Feb 18, 2026