The provided text describes an SQL injection vulnerability in dBlog CMS, where the 'm' parameter in 'storico.asp' is not properly sanitized. This allows attackers to manipulate SQL queries, potentially leading to unauthorized data access or modification.
Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:dBlog CMS (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable endpoint · Basic knowledge of SQL injection techniques