Vulnerabilities > Gerrit VAN Aaken
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-25 | CVE-2006-3832 | SQL-Injection vulnerability in Loudblog SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-07-25 | CVE-2006-3820 | Cross-Site Scripting vulnerability in Gerrit Van Aaken Loudblog Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter. network gerrit-van-aaken | 4.3 |
2006-03-09 | CVE-2006-1114 | Input Validation vulnerability in Gerrit VAN Aaken Loudblog 0.41 Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. | 6.4 |
2006-03-09 | CVE-2006-1113 | Input Validation vulnerability in Gerrit VAN Aaken Loudblog 0.41 SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 5.0 |
2006-02-06 | CVE-2006-0565 | Code Injection vulnerability in Gerrit VAN Aaken Loudblog 0.1/0.2/0.3 PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter. | 7.5 |