Vulnerabilities > Gerrit VAN Aaken > Loudblog > 0.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-25 | CVE-2006-3832 | SQL-Injection vulnerability in Loudblog SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-07-25 | CVE-2006-3820 | Cross-Site Scripting vulnerability in Gerrit Van Aaken Loudblog Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter. network gerrit-van-aaken | 4.3 |