Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-15539
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
Zorovavi\\/blog Project Zorovavi\\/blog
7.5
CVSSv2
CVE-2008-2671
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Dcfm Blog Dcfm Blog 0.9.4
1 EDB exploit
7.5
CVSSv2
CVE-2006-5135
Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) open_box, (2) middle_box, and (3) close_box parameters in (a) sources/myaccount.php; the (4) navigation_end parameter in (b) navigation/s...
A-blog A-blog 2
1 EDB exploit
4.3
CVSSv2
CVE-2005-0802
Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 up to and including 1.1b allows remote malicious users to execute arbitrary web script or HTML via the search parameter.
Asp Press Acs Blog 1.0
Asp Press Acs Blog 1.1b
Asp Press Acs Blog 0.8
Asp Press Acs Blog 0.9
1 EDB exploit
7.5
CVSSv2
CVE-2006-1243
Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demo...
Alexander Palmo Simple Php Blog 0.4.6
Alexander Palmo Simple Php Blog 0.4.7
Alexander Palmo Simple Php Blog 0.4.0
Alexander Palmo Simple Php Blog 0.4.5
Alexander Palmo Simple Php Blog
1 EDB exploit
7.5
CVSSv2
CVE-2020-21179
Sql injection vulnerability in koa2-blog 1.0.0 allows remote malicious users to Injecting a malicious SQL statement via the name parameter to the signin page.
Koa2-blog Project Koa2-blog 1.0.0
7.5
CVSSv2
CVE-2020-21180
Sql injection vulnerability in koa2-blog 1.0.0 allows remote malicious users to Injecting a malicious SQL statement via the name parameter to the signup page.
Koa2-blog Project Koa2-blog 1.0.0
7.5
CVSSv2
CVE-2007-5272
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote malicious users to execute arbitrary SQL commands via the id parameter in a goster kat action.
Furkan Tastan Blog Furkan Tastan Blog
1 EDB exploit
4.3
CVSSv2
CVE-2021-26224
Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote malicious users to inject arbitrary web script or HTML via the search field to search.php.
Fantastic Blog Project Fantastic Blog 1.0
7.5
CVSSv2
CVE-2007-3889
Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the current_subsection parameter to index.php and other unspecified vectors.
Insanely Simple Blog Insanely Simple Blog
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »