Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web blog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4825
8pixel.net Blog 4 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for App_Data/sb.mdb.
8pixel Simple Blog 4.0
1 EDB exploit
NA
CVE-2009-3666
Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote malicious users to inject arbitrary web script or HTML via the e parameter in an error action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
NA
CVE-2009-0338
Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote malicious users to inject arbitrary web script or HTML via the CategoryID parameter in a refer action.
Dmxready Blog Manager Nil
1 EDB exploit
NA
CVE-2009-4366
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote malicious users to inject arbitrary web script or HTML via the yr parameter in a bmonth action.
Scriptsez Ez Blog 1.0
2 EDB exploits
NA
CVE-2009-4580
Multiple cross-site scripting (XSS) vulnerabilities in Hasta Blog 2.3 allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) yorumyaz.php and (2) blog.php.
Hastablog Hasta Blog 2.3
6.1
CVSSv3
CVE-2016-1179
Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Appleple A-blog Cms
NA
CVE-2006-1899
Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) website parameters.
Dev Neuron Blog 1.1
NA
CVE-2008-5780
Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing passwords via a direct request for blog.mdb.
Hostforest Forest Blog 1.3.2
1 EDB exploit
NA
CVE-2006-0239
Multiple cross-site scripting (XSS) vulnerabilities in Simple Blog 2.1 allow remote malicious users to inject arbitrary web script or HTML via (1) a comment to comments.asp and (2) possibly certain other fields in unspecified scripts.
8pixel.net Simple Blog 2.1
NA
CVE-2008-2668
Multiple cross-site scripting (XSS) vulnerabilities in yBlog 0.2.2.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php.
Y-blog Yblog 0.2.2.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »