WebspotBlogging.Login.PHP.SQL.Injection

description-logoDescription

A SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php.

affected-products-logoAffected Products

Webspot WebspotBlogging 3.0

Impact logoImpact

Execute arbitrary SQL commands.

recomended-action-logoRecommended Actions

Upgrade to version 3.01 :
https://sourceforge.net/project/showfiles.php?group_id=156586

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-09-27 13.459