Intrusion Prevention

8Pixel.net.SimpleBlog.SQL.Injection

Description

A SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected Products

simpleblog 2.3 and earlier.

Impact

Arbitrary SQL command execution.

Recommended Actions

No remedy available as of November 2006.

CVE References

CVE-2006-6191