Vulnerabilities > Blogator Script
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-16 | CVE-2008-6473 | Credentials Management vulnerability in Blogator-Script 0.95 _blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter. | 6.4 |
2008-04-18 | CVE-2008-1892 | Cross-Site Scripting vulnerability in Blogator Script Blogator Script 0.95/1.01 Cross-site scripting (XSS) vulnerability in bs_auth.php in Blogator-script 0.95 and 1.01 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |