CVE-2006-1426

Published: Mar 28, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the (1) date parameter in index.php or bypass authentication via the (2) password parameter in admin/index.php.

Affected (1)

Products: Pixel Motion: Pixel Motion Blog

Pixel Motion

1 product

Pixel Motion Blog

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Pixel Motion Pixel Motion Blog	All versions

References (16)

http://secunia.com/advisories/19421

Source: cve@mitre.org

ExploitVendor Advisory

http://www.osvdb.org/24168

Source: cve@mitre.org

http://www.osvdb.org/24169

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/428964/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/17260

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/1135

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/25478

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/25481

Source: cve@mitre.org

http://secunia.com/advisories/19421