Skip to main content

Bw

1 CVEs product

Monthly

CVE-2019-7587 CRITICAL POC Act Now

Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Bw
NVD
CVSS 3.0
9.8
EPSS
1.5%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Bw
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy