Published: 19/01/2007 Updated: 16/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO string.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mywebland mybloggie 2.1.5

source: wwwsecurityfocuscom/bid/22097/info MyBloggie is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site Th ...

source: wwwsecurityfocuscom/bid/22097/info MyBloggie is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This ...

NVD-CWE-Other http://mywebland.com/forums/showtopic.php?t=1224 http://www.securityfocus.com/bid/22097 http://securitytracker.com/id?1017531 http://securityreason.com/securityalert/2155 http://osvdb.org/32929 http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0338.html http://osvdb.org/32930 https://exchange.xforce.ibmcloud.com/vulnerabilities/31554 http://www.securityfocus.com/archive/1/457206/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/29492/

CVE-2007-0353

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect