Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-blog a-blog 2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0677
SQL injection vulnerability in blog.php in A-Blog 2 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a news action.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2006-5092
PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote malicious users to execute arbitrary PHP code via a URL in the navigation_start parameter.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2006-5135
Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) open_box, (2) middle_box, and (3) close_box parameters in (a) sources/myaccount.php; the (4) navigation_end parameter in (b) navigation/s...
A-blog A-blog 2
1 EDB exploit
NA
CVE-2008-0676
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote malicious users to inject arbitrary web script or HTML via the words parameter.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2009-4365
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote malicious users to hijack the authentication of administrators for requests that (1) add a blog via the add_blog action, (2) approve a comment via the approve_comment act...
Scriptsez Ez Blog 1.0
2 EDB exploits
NA
CVE-2012-1005
Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote malicious users to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt...
Sphinx-soft Mobile Web Server 3.1.2.47
1 EDB exploit
NA
CVE-2006-2564
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remote malicious users to inject arbitrary web script or HTML by (1) posting a blog, (2) posting a listing, (3) posting an event, (4) adding comments, or (5) sending a message.
Alstrasoft E-friends 4.0
NA
CVE-2006-4829
Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote malicious users to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi, or (5) blog-category-n...
Blojsom Blojsom 2.31
1 EDB exploit
NA
CVE-2009-4907
Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote malicious users to hijack the authentication of administrators for requests that (1) change the admin password, (2) force an admin logout, (3) change the visibility of posts, (4) remove links, and (5...
Dootzky Oblog
1 EDB exploit
NA
CVE-2006-3096
Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) forum parameter in messagepost.cfm and (2) topic parameter in topics.cfm. NOTE: this item was created based on information i...
Ipostmx Ipostmx 2005
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »