SparkleBlog SQL Injection Network Vulnerability

Summary

The remote host is running SparkleBlog, a web blog manager written in PHP. The remote version of this software contains a flaw in the file 'journal.php' which may allow an attacker to insert arbitrary SQL statements in the remote database.

Solution

Upgrade to the newest version of this software or disable it.

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apple Safari RSS Feed Information Disclosure Vulnerability
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
Adiscon LogAnalyzer Multiple SQL Injection and XSS Vulnerabilities
Advantech Studio 'NTWebServer.exe' Directory Traversal Vulnerability
ATutor < 1.5.1-pl1 Multiple Flaws

Take action and discover your vulnerabilities