Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2008-5311 (GCVE-0-2008-5311)

Vulnerability from nvd – Published: 2008-12-02 11:00 – Updated: 2024-08-07 10:49

Summary

SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://securityreason.com/securityalert/4679	third-party-advisoryx_refsource_SREASON
	http://www.vupen.com/english/advisories/2008/3240	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/32441	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://www.exploit-db.com/exploits/7199	exploitx_refsource_EXPLOIT-DB

Date Public ?

2008-11-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:49:12.292Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "4679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4679"
          },
          {
            "name": "ADV-2008-3240",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/3240"
          },
          {
            "name": "32441",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/32441"
          },
          {
            "name": "blogsystem-image-sql-injection(46787)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46787"
          },
          {
            "name": "7199",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/7199"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-11-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "4679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4679"
        },
        {
          "name": "ADV-2008-3240",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/3240"
        },
        {
          "name": "32441",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/32441"
        },
        {
          "name": "blogsystem-image-sql-injection(46787)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46787"
        },
        {
          "name": "7199",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/7199"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "4679",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4679"
            },
            {
              "name": "ADV-2008-3240",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/3240"
            },
            {
              "name": "32441",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/32441"
            },
            {
              "name": "blogsystem-image-sql-injection(46787)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46787"
            },
            {
              "name": "7199",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/7199"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-5311",
    "datePublished": "2008-12-02T11:00:00.000Z",
    "dateReserved": "2008-12-01T00:00:00.000Z",
    "dateUpdated": "2024-08-07T10:49:12.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-3979 (GCVE-0-2007-3979)

Vulnerability from nvd – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37

Summary

SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/2607	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/24976	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://osvdb.org/36278	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/26170	third-party-advisoryx_refsource_SECUNIA
	https://www.exploit-db.com/exploits/4206	exploitx_refsource_EXPLOIT-DB

Date Public ?

2007-07-20 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:37:05.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2607",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2607"
          },
          {
            "name": "24976",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24976"
          },
          {
            "name": "blogsitepro-index-sql-injection(35514)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35514"
          },
          {
            "name": "36278",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36278"
          },
          {
            "name": "26170",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26170"
          },
          {
            "name": "4206",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4206"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2607",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2607"
        },
        {
          "name": "24976",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24976"
        },
        {
          "name": "blogsitepro-index-sql-injection(35514)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35514"
        },
        {
          "name": "36278",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36278"
        },
        {
          "name": "26170",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26170"
        },
        {
          "name": "4206",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4206"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3979",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2607",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2607"
            },
            {
              "name": "24976",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24976"
            },
            {
              "name": "blogsitepro-index-sql-injection(35514)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35514"
            },
            {
              "name": "36278",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36278"
            },
            {
              "name": "26170",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26170"
            },
            {
              "name": "4206",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4206"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3979",
    "datePublished": "2007-07-25T17:00:00.000Z",
    "dateReserved": "2007-07-25T00:00:00.000Z",
    "dateUpdated": "2024-08-07T14:37:05.772Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-4049 (GCVE-0-2005-4049)

Vulnerability from nvd – Published: 2005-12-07 11:00 – Updated: 2024-08-07 23:31

Summary

Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/15719/	vdb-entryx_refsource_BID
	http://www.osvdb.org/21454	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2005/2767	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/418640/100…	mailing-listx_refsource_BUGTRAQ
	http://securitytracker.com/id?1015310	vdb-entryx_refsource_SECTRACK
	http://securityreason.com/securityalert/230	third-party-advisoryx_refsource_SREASON
	http://secunia.com/advisories/17893/	third-party-advisoryx_refsource_SECUNIA
	http://pridels0.blogspot.com/2005/12/blog-system-…	x_refsource_MISC
	http://www.osvdb.org/21453	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public ?

2005-12-05 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:31:48.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15719",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15719/"
          },
          {
            "name": "21454",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21454"
          },
          {
            "name": "ADV-2005-2767",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2767"
          },
          {
            "name": "20051205 Blog System v1.2 Multiple SQL Injection Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/418640/100/0/threaded"
          },
          {
            "name": "1015310",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015310"
          },
          {
            "name": "230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/230"
          },
          {
            "name": "17893",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17893/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html"
          },
          {
            "name": "21453",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21453"
          },
          {
            "name": "blog-system-index-blog-sql-injection(23430)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23430"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15719",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15719/"
        },
        {
          "name": "21454",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21454"
        },
        {
          "name": "ADV-2005-2767",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2767"
        },
        {
          "name": "20051205 Blog System v1.2 Multiple SQL Injection Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/418640/100/0/threaded"
        },
        {
          "name": "1015310",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015310"
        },
        {
          "name": "230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/230"
        },
        {
          "name": "17893",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17893/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html"
        },
        {
          "name": "21453",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21453"
        },
        {
          "name": "blog-system-index-blog-sql-injection(23430)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23430"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4049",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15719",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15719/"
            },
            {
              "name": "21454",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21454"
            },
            {
              "name": "ADV-2005-2767",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2767"
            },
            {
              "name": "20051205 Blog System v1.2 Multiple SQL Injection Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/418640/100/0/threaded"
            },
            {
              "name": "1015310",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015310"
            },
            {
              "name": "230",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/230"
            },
            {
              "name": "17893",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17893/"
            },
            {
              "name": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html",
              "refsource": "MISC",
              "url": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html"
            },
            {
              "name": "21453",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21453"
            },
            {
              "name": "blog-system-index-blog-sql-injection(23430)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23430"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4049",
    "datePublished": "2005-12-07T11:00:00.000Z",
    "dateReserved": "2005-12-07T00:00:00.000Z",
    "dateUpdated": "2024-08-07T23:31:48.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-5311 (GCVE-0-2008-5311)

Vulnerability from cvelistv5 – Published: 2008-12-02 11:00 – Updated: 2024-08-07 10:49

Summary

SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://securityreason.com/securityalert/4679	third-party-advisoryx_refsource_SREASON
	http://www.vupen.com/english/advisories/2008/3240	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/32441	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://www.exploit-db.com/exploits/7199	exploitx_refsource_EXPLOIT-DB

Date Public ?

2008-11-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:49:12.292Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "4679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4679"
          },
          {
            "name": "ADV-2008-3240",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/3240"
          },
          {
            "name": "32441",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/32441"
          },
          {
            "name": "blogsystem-image-sql-injection(46787)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46787"
          },
          {
            "name": "7199",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/7199"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-11-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "4679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4679"
        },
        {
          "name": "ADV-2008-3240",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/3240"
        },
        {
          "name": "32441",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/32441"
        },
        {
          "name": "blogsystem-image-sql-injection(46787)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46787"
        },
        {
          "name": "7199",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/7199"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "4679",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4679"
            },
            {
              "name": "ADV-2008-3240",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/3240"
            },
            {
              "name": "32441",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/32441"
            },
            {
              "name": "blogsystem-image-sql-injection(46787)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46787"
            },
            {
              "name": "7199",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/7199"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-5311",
    "datePublished": "2008-12-02T11:00:00.000Z",
    "dateReserved": "2008-12-01T00:00:00.000Z",
    "dateUpdated": "2024-08-07T10:49:12.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-3979 (GCVE-0-2007-3979)

Vulnerability from cvelistv5 – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37

Summary

SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/2607	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/24976	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://osvdb.org/36278	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/26170	third-party-advisoryx_refsource_SECUNIA
	https://www.exploit-db.com/exploits/4206	exploitx_refsource_EXPLOIT-DB

Date Public ?

2007-07-20 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:37:05.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2607",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2607"
          },
          {
            "name": "24976",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24976"
          },
          {
            "name": "blogsitepro-index-sql-injection(35514)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35514"
          },
          {
            "name": "36278",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36278"
          },
          {
            "name": "26170",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26170"
          },
          {
            "name": "4206",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4206"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2607",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2607"
        },
        {
          "name": "24976",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24976"
        },
        {
          "name": "blogsitepro-index-sql-injection(35514)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35514"
        },
        {
          "name": "36278",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36278"
        },
        {
          "name": "26170",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26170"
        },
        {
          "name": "4206",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4206"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3979",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2607",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2607"
            },
            {
              "name": "24976",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24976"
            },
            {
              "name": "blogsitepro-index-sql-injection(35514)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35514"
            },
            {
              "name": "36278",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36278"
            },
            {
              "name": "26170",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26170"
            },
            {
              "name": "4206",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4206"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3979",
    "datePublished": "2007-07-25T17:00:00.000Z",
    "dateReserved": "2007-07-25T00:00:00.000Z",
    "dateUpdated": "2024-08-07T14:37:05.772Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-4049 (GCVE-0-2005-4049)

Vulnerability from cvelistv5 – Published: 2005-12-07 11:00 – Updated: 2024-08-07 23:31

Summary

Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/15719/	vdb-entryx_refsource_BID
	http://www.osvdb.org/21454	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2005/2767	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/418640/100…	mailing-listx_refsource_BUGTRAQ
	http://securitytracker.com/id?1015310	vdb-entryx_refsource_SECTRACK
	http://securityreason.com/securityalert/230	third-party-advisoryx_refsource_SREASON
	http://secunia.com/advisories/17893/	third-party-advisoryx_refsource_SECUNIA
	http://pridels0.blogspot.com/2005/12/blog-system-…	x_refsource_MISC
	http://www.osvdb.org/21453	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public ?

2005-12-05 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:31:48.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15719",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15719/"
          },
          {
            "name": "21454",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21454"
          },
          {
            "name": "ADV-2005-2767",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2767"
          },
          {
            "name": "20051205 Blog System v1.2 Multiple SQL Injection Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/418640/100/0/threaded"
          },
          {
            "name": "1015310",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015310"
          },
          {
            "name": "230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/230"
          },
          {
            "name": "17893",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17893/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html"
          },
          {
            "name": "21453",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21453"
          },
          {
            "name": "blog-system-index-blog-sql-injection(23430)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23430"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15719",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15719/"
        },
        {
          "name": "21454",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21454"
        },
        {
          "name": "ADV-2005-2767",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2767"
        },
        {
          "name": "20051205 Blog System v1.2 Multiple SQL Injection Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/418640/100/0/threaded"
        },
        {
          "name": "1015310",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015310"
        },
        {
          "name": "230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/230"
        },
        {
          "name": "17893",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17893/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html"
        },
        {
          "name": "21453",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21453"
        },
        {
          "name": "blog-system-index-blog-sql-injection(23430)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23430"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4049",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15719",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15719/"
            },
            {
              "name": "21454",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21454"
            },
            {
              "name": "ADV-2005-2767",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2767"
            },
            {
              "name": "20051205 Blog System v1.2 Multiple SQL Injection Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/418640/100/0/threaded"
            },
            {
              "name": "1015310",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015310"
            },
            {
              "name": "230",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/230"
            },
            {
              "name": "17893",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17893/"
            },
            {
              "name": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html",
              "refsource": "MISC",
              "url": "http://pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html"
            },
            {
              "name": "21453",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21453"
            },
            {
              "name": "blog-system-index-blog-sql-injection(23430)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23430"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4049",
    "datePublished": "2005-12-07T11:00:00.000Z",
    "dateReserved": "2005-12-07T00:00:00.000Z",
    "dateUpdated": "2024-08-07T23:31:48.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

6 vulnerabilities found for blog_system by netart_media

CVE-2008-5311 (GCVE-0-2008-5311)

CVE-2007-3979 (GCVE-0-2007-3979)

CVE-2005-4049 (GCVE-0-2005-4049)

CVE-2008-5311 (GCVE-0-2008-5311)

CVE-2007-3979 (GCVE-0-2007-3979)

CVE-2005-4049 (GCVE-0-2005-4049)