Vulnerabilities > Gerrit VAN Aaken

DATE CVE VULNERABILITY TITLE RISK
2006-07-25 CVE-2006-3832 SQL-Injection vulnerability in Loudblog
SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
gerrit-van-aaken
7.5
2006-07-25 CVE-2006-3820 Cross-Site Scripting vulnerability in Gerrit Van Aaken Loudblog
Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
4.3
2006-03-09 CVE-2006-1114 Input Validation vulnerability in Gerrit VAN Aaken Loudblog 0.41
Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a ..
network
low complexity
gerrit-van-aaken
6.4
2006-03-09 CVE-2006-1113 Input Validation vulnerability in Gerrit VAN Aaken Loudblog 0.41
SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
gerrit-van-aaken
5.0
2006-02-06 CVE-2006-0565 Code Injection vulnerability in Gerrit VAN Aaken Loudblog 0.1/0.2/0.3
PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.
network
low complexity
gerrit-van-aaken CWE-94
7.5