Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
myblog myblog vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2007-1990
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 up to and including 1.6, allows remote malicious users to execute arbitrary PHP code via a URL in the id parameter, a different vector than CVE-2007-1968. NOTE: the provenance of this informatio...
Sam Crew Myblog 1.1
Sam Crew Myblog 1.2
Sam Crew Myblog 1.0
Sam Crew Myblog 1.3
Sam Crew Myblog 1.4
Sam Crew Myblog 1.5
Sam Crew Myblog 1.6
685
VMScore
CVE-2007-1968
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 up to and including 1.6, allows remote malicious users to execute arbitrary PHP code via a URL in the scoreid parameter.
Sam Crew Myblog 1.6
Sam Crew Myblog 1.4
Sam Crew Myblog 1.5
Sam Crew Myblog 1.0
Sam Crew Myblog 1.1
Sam Crew Myblog 1.2
Sam Crew Myblog 1.3
1 EDB exploit
755
VMScore
CVE-2008-4341
add.php in MyBlog 0.9.8 and previous versions allows remote malicious users to bypass authentication and gain administrative access by setting a cookie with admin=yes and login=admin.
Myblog Myblog
1 EDB exploit
578
VMScore
CVE-2007-2082
Direct static code injection vulnerability in admin/settings.php in MyBlog 0.9.8 and previous versions allows remote authenticated admin users to inject arbitrary PHP code via the content parameter, which can be executed by accessing index.php. NOTE: a separate vulnerability coul...
Myblog Myblog
435
VMScore
CVE-2008-2962
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote malicious users to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.
Myblog Myblog
1 EDB exploit
505
VMScore
CVE-2008-6193
Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent malicious users to obtain sensitive information.
Myblog Myblog
1 EDB exploit
685
VMScore
CVE-2008-2963
Multiple SQL injection vulnerabilities in MyBlog allow remote malicious users to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
Myblog Myblog
1 EDB exploit
755
VMScore
CVE-2007-2081
MyBlog 0.9.8 and previous versions allows remote malicious users to bypass authentication requirements via the admin cookie parameter to certain admin files, as demonstrated by admin/settings.php.
Myblog Myblog
1 EDB exploit
383
VMScore
CVE-2007-1969
Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Crew MyBlog remote malicious users to inject arbitrary web script or HTML via the id parameter.
Sam Crew Myblog
505
VMScore
CVE-2010-1540
Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the task parameter. NOTE: some of these details are obtained from third party information.
Myblog Com Myblog 3.0.329
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started