Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mywebland mybloggie vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3003
Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id or (2) year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225.
Mywebland Mybloggie
1 EDB exploit
NA
CVE-2005-1497
index.php in myBloggie 2.1.1 allows remote malicious users to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message.
Mywebland Mybloggie 2.1.1
NA
CVE-2007-1899
Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote malicious users to execute arbitrary SQL commands via (1) the user_id parameter in a viewuser action to index.php, and allow remote authenticated administrators to execute arbitrary SQL commands via ...
Mywebland Mybloggie 2.1.6
1 EDB exploit
NA
CVE-2007-3194
Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote malicious users to execute arbitrary PHP code via a URL in the bloggie_root_path parameter to (1) config.php; (2) db.php, (3) template.php, (4) functions.php, and (5) classes.php in includes/; (6) ...
Mywebland Mybloggie 2.1.5
NA
CVE-2008-3080
Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote malicious users to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.
Mywebland Mybloggie 2.1.6
1 EDB exploit
NA
CVE-2006-2859
PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mybloggie_root_path parameter to (1) admin.php or (2) scode.php. NOTE: this issue has been disputed in multiple third part...
Mywebland Mybloggie 2.1.1
NA
CVE-2007-0353
Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO string.
Mywebland Mybloggie 2.1.5
2 EDB exploits
NA
CVE-2007-3650
myWebland myBloggie 2.1.6 allow remote malicious users to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (3) a mode array parameter in the query string to login.php, which reveal t...
Mywebland Mybloggie 2.1.6
NA
CVE-2005-1140
Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the comments.
Mywebland Mybloggie 2.1.1
NA
CVE-2005-4225
Multiple "potential" SQL injection vulnerabilities in myBloggie 2.1.3 beta might allow remote malicious users to execute arbitrary SQL commands via (1) the category parameter in add.php, (2) the cat_desc parameter in addcat.php, (3) the level and user parameters in addu...
Mywebland Mybloggie 2.1.3 Beta
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »