Vulnerabilities > JL Webworks > Quickblogger
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-29 | CVE-2006-5081 | Unspecified vulnerability in JL Webworks Quickblogger 1.4 PHP remote file inclusion vulnerability in acc.php in QuickBlogger (QB) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 7.5 |
2006-04-14 | CVE-2006-1791 | Cross-Site Scripting vulnerability in JL Webworks Quickblogger 1.4 Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter. | 7.5 |
2005-12-31 | CVE-2005-4785 | HTML Injection vulnerability in JL Webworks Quickblogger 1.4 Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author ("your name") and (2) "comment" section. network jl-webworks | 4.3 |