Vulnerabilities > Microblog
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-09-23 | CVE-2011-3756 | Information Exposure vulnerability in Microblog 0.9.5 MicroBlog 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by init.php and certain other files. | 5.0 |
2006-01-18 | CVE-2006-0234 | SQL Injection vulnerability in Microblog 2.0Rc10 SQL injection vulnerability in index.php in microBlog 2.0 RC-10 allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. | 7.5 |
2006-01-18 | CVE-2006-0233 | Cross-Site Scripting vulnerability in Microblog 2.0Rc10 Cross-site scripting (XSS) vulnerability in functions.php in microBlog 2.0 RC-10 allows remote attackers to inject arbitrary web script and HTML via a javascript: URI in a [url] BBcode tag. | 4.3 |