HTTP: Bit 5 Blog SQL Injection
This signature detects attempts to exploit a known SQL injection vulnerability in Bit 5 Blog. It is due to insufficient validation of user-supplied input. An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.
Extended Description
Bit 5 Blog is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Affected Products
Bit_5_blog bit_5_blog
Short Name
HTTP:SQL:INJ:BIT5-BLOG
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
5 Bit Blog CVE-2006-0320 Injection SQL bid:16244
Release Date
05/06/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Bit_5_blog
CVSS Score
7.5