Security Advisory
CVE-2007-6577
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action.