search.php in eggblog 2.0 allows remote attackers to obtain the full path via an invalid q parameter, as used by the Keyword and Search fields, possibly due to an SQL injection vulnerability.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Eggblog | Epic_designs | * | 2.0 (including) |