Vulnerabilities > Sblog
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-05 | CVE-2007-5818 | Cross-Site Request Forgery (CSRF) vulnerability in Sblog 0.7.3Beta Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators. | 7.6 |
2007-07-31 | CVE-2007-4102 | Cross-Site Scripting vulnerability in Sblog 0.7.3Beta Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/></> sequence in the search string. network sblog | 4.3 |
2007-04-02 | CVE-2007-1801 | Local File Include vulnerability in Sblog 0.7.3Beta Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2006-03-10 | CVE-2006-1135 | HTML Injection vulnerability in Sblog 0.7.2 Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to search.php or (2) username parameter to comments_do.php. network sblog | 4.3 |
2006-01-06 | CVE-2006-0101 | Cross-Site Scripting vulnerability in Sblog Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Beta 20051202 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p and (2) keyword parameters in (a) index.php and (b) search.php. | 4.3 |