Vulnerabilities > Webblizzard

DATE CVE VULNERABILITY TITLE RISK
2008-07-11 CVE-2008-3154 SQL Injection vulnerability in Webblizzard Content Management System
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter.
network
low complexity
webblizzard CWE-89
7.5
2007-04-11 CVE-2007-1950 Cross-Site Scripting vulnerability in Content Management System
Cross-site scripting (XSS) vulnerability in index_cms.php in WebBlizzard CMS allows remote attackers to inject arbitrary web script or HTML via the Suchzeile parameter.
network
webblizzard
4.3
2007-04-11 CVE-2007-1949 Improper Authentication vulnerability in Webblizzard Content Management System
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie.
network
low complexity
webblizzard CWE-287
7.5