Cybertrion Systems

[3/5] eggBlog Unspecified Cookie SQL Injection

March 28th, 2008 by

A vulnerability has been reported in eggBlog, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to an unspecified cookie is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 4.0. Prior versions may also be affected.

Solution:
Update to version 4.0.1.

Provided and/or discovered by:
The vendor credits http://girex.altervista.org/ .

Original Advisory:
http://eggblog.net/news.php?id=39

Original post by manisha
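
The flaw class described above (a cookie value placed into a SQL statement without sanitisation) next to its parameterised fix, as an added example that is not eggBlog's code and not part of the original advisory. The cookie name `session_token`, the `members` table and all sample values are assumptions constructed for illustration; the advisory does not name the affected cookie.

```python
import sqlite3
from http.cookies import SimpleCookie

# Constructed Cookie headers (sample data, not taken from the advisory).
BENIGN = "session_token=alice-token"
TAMPERED = "session_token=\"x' OR '1'='1\""


def make_db():
    """In-memory table with a hypothetical schema (not eggBlog's)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (id INTEGER PRIMARY KEY, name TEXT, token TEXT)")
    db.executemany(
        "INSERT INTO members (name, token) VALUES (?, ?)",
        [("admin", "admin-token"), ("alice", "alice-token")],
    )
    return db


def cookie_value(header, name="session_token"):
    """Return the named cookie's value; cookies are fully client-controlled."""
    jar = SimpleCookie()
    jar.load(header)
    return jar[name].value if name in jar else ""


def lookup_vulnerable(db, header):
    """Flawed pattern: the cookie text becomes part of the SQL statement."""
    token = cookie_value(header)
    sql = "SELECT name FROM members WHERE token = '" + token + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, header):
    """Fixed pattern: the cookie is bound as data and never parsed as SQL."""
    token = cookie_value(header)
    sql = "SELECT name FROM members WHERE token = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (token,))]


if __name__ == "__main__":
    db = make_db()
    for label, header in (("benign", BENIGN), ("tampered", TAMPERED)):
        print(label, lookup_vulnerable(db, header), lookup_parameterized(db, header))
```

With the tampered header the concatenated query matches every row, while the bound-parameter query matches none, because the quote characters are compared as literal token text.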
