CVE-2007-2305 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-2305

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Multiple SQL injection vulnerabilities in authenticate.php in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

Affected Software

Name	Vendor	Start Version	End Version
Qdblog	Qdblog	*	0.4 (including)

References

http://osvdb.org/35746
http://www.securityfocus.com/bid/23485
http://www.vupen.com/english/advisories/2007/1387
https://exchange.xforce.ibmcloud.com/vulnerabilities/33631
https://www.exploit-db.com/exploits/3729
http://osvdb.org/35746
http://www.securityfocus.com/bid/23485
http://www.vupen.com/english/advisories/2007/1387
https://exchange.xforce.ibmcloud.com/vulnerabilities/33631
https://www.exploit-db.com/exploits/3729