Vulnerabilities > CVE-2007-3973 - Unspecified vulnerability in Jblog 1.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
jblog
exploit available
NVD
Published: 2007-07-25
Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, or the (2) search parameter or (3) theme cookie to (b) recherche.php.

Vulnerable Configurations

Part Description Count
Application
Jblog
1

Exploit-Db

  • descriptionJBlog 1.0 (index.php id) Remote SQL Injection Exploit. CVE-2007-3973,CVE-2007-3974,CVE-2007-4919. Webapps exploit for php platform
    fileexploits/php/webapps/4408.pl
    idEDB-ID:4408
    last seen2016-01-31
    modified2007-09-14
    platformphp
    port
    published2007-09-14
    reporters4mi
    sourcehttps://www.exploit-db.com/download/4408/
    titleJBlog 1.0 index.php id Remote SQL Injection Exploit
    typewebapps
  • descriptionJBlog 1.0 Create / Delete Admin Authentication Bypass Exploit. CVE-2007-3973,CVE-2007-3974,CVE-2007-4919. Webapps exploit for php platform
    fileexploits/php/webapps/4211.html
    idEDB-ID:4211
    last seen2016-01-31
    modified2007-07-21
    platformphp
    port
    published2007-07-21
    reporters4mi
    sourcehttps://www.exploit-db.com/download/4211/
    titleJBlog 1.0 Create / Delete Admin Authentication Bypass Exploit
    typewebapps

References