WBBlog.Parameter.Remote.SQL.Injection
Description
WBBlog has a SQL-injection vulnerability. A remote attacker could execute arbitrary SQL commands in the back-end database via a specially-crafted HTTP request with the e_id parameter in a viewentry cmd.
Affected Products
WBBlog
Impact
SQL injection.
Recommended Actions
Currently we are not aware of any official supplied fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |