E107coders » Macguru Blog Engine Plugin : Security Vulnerabilities, CVEs, CVSS score >= 5
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.
Max CVSS
7.5
EPSS Score
2.37%
Published
2009-03-06
Updated
2018-10-11
1 vulnerabilities found