Intrusion Prevention

WebspotBlogging.Login.PHP.SQL.Injection

Description

A SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php.

Affected Products

Webspot WebspotBlogging 3.0

Impact

Execute arbitrary SQL commands.

Recommended Actions

Upgrade to version 3.01 :
https://sourceforge.net/project/showfiles.php?group_id=156586

CVE References

CVE-2006-0324