Vulnerabilities > SAM Crew

DATE CVE VULNERABILITY TITLE RISK
2007-04-12 CVE-2007-1990 Remote Security vulnerability in Myblog
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the id parameter, a different vector than CVE-2007-1968.
network
low complexity
sam-crew
7.5
2007-04-11 CVE-2007-1969 Cross-Site Scripting vulnerability in Myblog
Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Crew MyBlog remote attackers to inject arbitrary web script or HTML via the id parameter.
network
sam-crew
4.3
2007-04-11 CVE-2007-1968 Remote File Include vulnerability in MyBlog Games.PHP
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the scoreid parameter.
network
sam-crew
6.8