vendor:
Bloo
by:
MhZ91
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Bloo
Affected Version From: v.1.00
Affected Version To: v.1.00
Patch Exists: NO
Related CWE: N/A
CPE: a:bloo_project:bloo
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Bloo – Object Oriented Blog Software <= v.1.00 Remote Sql Injection
Bloo - Object Oriented Blog Software <= v.1.00 is vulnerable to remote SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.
Mitigation:
Developers should ensure that user-supplied input is properly sanitized and validated before being used in SQL queries.