Description
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter.
Exploits (1)
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30212
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/5604
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42386
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/29181
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
CWE
CWE-89
Status
published
Products (1)
e107coders/e107_blog_engine
2.2
Published
May 27, 2008
Tracked Since
Feb 18, 2026