Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5383
SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the article parameter.
Def-blog Def-blog 1.0.1
1 EDB exploit
NA
CVE-2006-5092
PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote malicious users to execute arbitrary PHP code via a URL in the navigation_start parameter.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2006-5135
Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) open_box, (2) middle_box, and (3) close_box parameters in (a) sources/myaccount.php; the (4) navigation_end parameter in (b) navigation/s...
A-blog A-blog 2
1 EDB exploit
NA
CVE-2006-2809
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors a...
Ar-blog Ar-blog 5.2
7.5
CVSSv3
CVE-2019-3494
Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter.
Simply-blog Project Simply-blog
NA
CVE-2008-2671
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Dcfm Blog Dcfm Blog 0.9.4
1 EDB exploit
NA
CVE-2008-2554
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
Bp Blog Bp Blog 6.0
1 EDB exploit
NA
CVE-2010-4917
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote malicious users to execute arbitrary SQL commands via the words parameter.
A-blog A-blog 2.0
1 EDB exploit
NA
CVE-2006-4202
SQL injection vulnerability in proje_goster.php in Spidey Blog Script 1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Spidey Blog Spidey Blog Script
2 EDB exploits
6.1
CVSSv3
CVE-2022-4400
A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerabi...
Fs-blog Project Fs-blog -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »