Unrated severityNVD Advisory· Published Dec 7, 2005· Updated Apr 16, 2026

CVE-2005-4049

Description

Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.

Affected products

Netartmedia/Blog System
cpe:2.3:a:netart_media:blog_system:1.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploit
www.securityfocus.com/bid/15719/nvdExploit
secunia.com/advisories/17893/nvdVendor Advisory
pridels0.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.htmlnvd
securityreason.com/securityalert/230nvd
www.osvdb.org/21453nvd
www.osvdb.org/21454nvd
www.securityfocus.com/archive/1/418640/100/0/threadednvd
www.vupen.com/english/advisories/2005/2767nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23430nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000