CVE-2009-1481
SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- April 29, 2009
- Published Date
- April 29, 2009
- Last Updated
- August 07, 2024
- Vendor
- PuterJam
- Product
- PJBlog3
- Description
- SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited in the wild in April 2009. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Scores
CVSS v2.0
7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploit Status
- Exploited in the Wild
- Yes (2009-04-29 18:06:00 UTC) Source
References
Known Exploited Vulnerability Information
Source | Added Date |
---|---|
CVE | 2009-04-29 18:06:00 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel