Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4917
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote malicious users to execute arbitrary SQL commands via the words parameter.
A-blog A-blog 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-15539
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
Zorovavi\\/blog Project Zorovavi\\/blog
4.3
CVSSv2
CVE-2008-0676
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote malicious users to inject arbitrary web script or HTML via the words parameter.
A-blog A-blog 2
1 EDB exploit
4.3
CVSSv2
CVE-2006-0333
Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php.
Ar-blog Ar-blog 5.2
7.5
CVSSv2
CVE-2006-5383
SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the article parameter.
Def-blog Def-blog 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-2554
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
Bp Blog Bp Blog 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-5092
PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote malicious users to execute arbitrary PHP code via a URL in the navigation_start parameter.
A-blog A-blog 2
1 EDB exploit
7.5
CVSSv2
CVE-2006-5135
Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) open_box, (2) middle_box, and (3) close_box parameters in (a) sources/myaccount.php; the (4) navigation_end parameter in (b) navigation/s...
A-blog A-blog 2
1 EDB exploit
7.5
CVSSv2
CVE-2008-3306
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained ...
Youtube Blog Youtube Blog 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-1471
admin/default.asp in Orion-Blog 2.0 allows remote malicious users to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp.
Orion-blog Orion-blog 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »