Summary
Psychoblogger is a CMS package aimed at providing weblogs (or 'blogs') with an easy to set up system for editing and authoring the content. One of its scripts contains an SQL injection vulnerability.
An attacker may use this flaw to gain the control of the remote database and create arbitrary accounts.
Solution
Upgrade to the latest version of this CGI suite.
Severity
Classification
-
CVSS Base Score: 5.8
AV:A/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
- Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
- Arris DOCSIS Password Disclosure
- Apache Tomcat AJP Request Remote Denial Of Service Vulnerability
- Adobe Reader 'SWF' Information Disclosure Vulnerability (Windows)