Critical severity9.8OSV Advisory· Published Feb 7, 2019· Updated Jun 17, 2026
CVE-2019-7587
CVE-2019-7587
Description
Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function.
Affected products
2- Range: V1.1.0, V1.5.0, V1.6.0, …
- Range: <=1.6.0-r
Patches
Vulnerability mechanics
References
1- c3tsec.wordpress.com/2019/01/12/sql-injection-in-bo-blog-wind-cms/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.