Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mywebland mybloggie vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-3003
Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id or (2) year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225.
Mywebland Mybloggie
1 EDB exploit
5
CVSSv2
CVE-2007-3650
myWebland myBloggie 2.1.6 allow remote malicious users to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (3) a mode array parameter in the query string to login.php, which reveal t...
Mywebland Mybloggie 2.1.6
4.3
CVSSv2
CVE-2005-1140
Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the comments.
Mywebland Mybloggie 2.1.1
6.8
CVSSv2
CVE-2007-0353
Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO string.
Mywebland Mybloggie 2.1.5
2 EDB exploits
5
CVSSv2
CVE-2005-1497
index.php in myBloggie 2.1.1 allows remote malicious users to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message.
Mywebland Mybloggie 2.1.1
7.5
CVSSv2
CVE-2006-2859
PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mybloggie_root_path parameter to (1) admin.php or (2) scode.php. NOTE: this issue has been disputed in multiple third part...
Mywebland Mybloggie 2.1.1
7.5
CVSSv2
CVE-2005-4225
Multiple "potential" SQL injection vulnerabilities in myBloggie 2.1.3 beta might allow remote malicious users to execute arbitrary SQL commands via (1) the category parameter in add.php, (2) the cat_desc parameter in addcat.php, (3) the level and user parameters in addu...
Mywebland Mybloggie 2.1.3 Beta
7.5
CVSSv2
CVE-2005-3153
login.php in myBloggie 2.1.3 beta and previous versions allows remote malicious users to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the S...
Mywebland Mybloggie 2.1.3 Beta
5.1
CVSSv2
CVE-2008-3080
Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote malicious users to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.
Mywebland Mybloggie 2.1.6
1 EDB exploit
5.1
CVSSv2
CVE-2007-1899
Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote malicious users to execute arbitrary SQL commands via (1) the user_id parameter in a viewuser action to index.php, and allow remote authenticated administrators to execute arbitrary SQL commands via ...
Mywebland Mybloggie 2.1.6
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »