Vulnerabilities > Eggblog

DATE CVE VULNERABILITY TITLE RISK
2011-09-23 CVE-2011-3732 Information Exposure vulnerability in Eggblog 4.1.2
eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _lib/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php and certain other files.
RISK: network, low complexity, 5.0 | eggblog CWE-200

2008-04-02 CVE-2008-1626 Improper Input Validation vulnerability in Eggblog
SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL commands via an unspecified cookie.
RISK: network, low complexity, 7.5 | eggblog CWE-20

2008-01-09 CVE-2008-0159 SQL Injection vulnerability in Eggblog
SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie.
RISK: network, 6.8 | eggblog CWE-89

2007-11-15 CVE-2007-5980 Cross-Site Scripting vulnerability in Eggblog
Cross-site scripting (XSS) vulnerability in home/rss.php in eggblog before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).
RISK: network, 4.3 | eggblog CWE-79

2007-06-01 CVE-2007-2978 Link Following vulnerability in Eggblog
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
RISK: network, 6.8 | eggblog CWE-59