cpe:/a:a-blog:a-blog:2.0 CVE-2010-4917 2011-10-08T06:55:07.893-04:00 2017-08-28T21:29:07.173-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-10-10T10:08:00.000-04:00 EXPLOIT-DB 14894 BID 42988 SREASON 8450 VUPEN ADV-2010-2297 XF ablog-search-sql-injection(61600) MISC http://packetstormsecurity.org/1009-exploits/ablog-sql.txt SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter.