cpe:/a:zsuite:zblog:1.2 CVE-2007-6577 2007-12-28T16:46:00.000-05:00 2017-09-28T21:30:00.317-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-30T17:11:00.000-05:00 ALLOWS_USER_ACCESS BID 26994 OSVDB 39774 OSVDB 39775 EXPLOIT-DB 4772 XF zblog-index-sql-injection(39239) Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action.