Vulnerabilities > Supersimple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-07-20 | CVE-2009-2553 | SQL Injection vulnerability in Supersimple Super Simple Blog Script 2.5.4 Multiple SQL injection vulnerabilities in comments.php in Super Simple Blog Script 2.5.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the entry parameter. | 6.8 |
2009-07-20 | CVE-2009-2552 | Path Traversal vulnerability in Supersimple Super Simple Blog Script 2.5.4 Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter. | 6.8 |