Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-blog a-blog 2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5135
Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) open_box, (2) middle_box, and (3) close_box parameters in (a) sources/myaccount.php; the (4) navigation_end parameter in (b) navigation/s...
A-blog A-blog 2
1 EDB exploit
NA
CVE-2006-5092
PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote malicious users to execute arbitrary PHP code via a URL in the navigation_start parameter.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2008-0676
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote malicious users to inject arbitrary web script or HTML via the words parameter.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2008-0677
SQL injection vulnerability in blog.php in A-Blog 2 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a news action.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2009-4365
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote malicious users to hijack the authentication of administrators for requests that (1) add a blog via the add_blog action, (2) approve a comment via the approve_comment act...
Scriptsez Ez Blog 1.0
2 EDB exploits
NA
CVE-2012-1005
Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote malicious users to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt...
Sphinx-soft Mobile Web Server 3.1.2.47
1 EDB exploit
NA
CVE-2006-2564
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remote malicious users to inject arbitrary web script or HTML by (1) posting a blog, (2) posting a listing, (3) posting an event, (4) adding comments, or (5) sending a message.
Alstrasoft E-friends 4.0
NA
CVE-2009-4907
Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote malicious users to hijack the authentication of administrators for requests that (1) change the admin password, (2) force an admin logout, (3) change the visibility of posts, (4) remove links, and (5...
Dootzky Oblog
1 EDB exploit
NA
CVE-2006-4829
Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote malicious users to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi, or (5) blog-category-n...
Blojsom Blojsom 2.31
1 EDB exploit
NA
CVE-2006-6925
Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the message title field when submitting an article to articles/edit.php, (2) the message title field when submi...
Bitweaver Bitweaver 1.1
Bitweaver Bitweaver 1.1.1 Beta
Bitweaver Bitweaver 1.3.1
Bitweaver Bitweaver 1.2.1
Bitweaver Bitweaver 1.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »