Vulnerabilities > Wheatblog > Wheatblog > 1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-04 | CVE-2007-3557 | SQL Injection vulnerability in Wheatblog 1.1 SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. network wheatblog | 6.8 |
| 2007-02-12 | CVE-2006-7002 | Cross-Site Scripting vulnerability in Wheatblog 1.1 Cross-site scripting (XSS) vulnerability in add_comment.php in Wheatblog (wB) 1.1 allows remote attackers to inject arbitrary web script or HTML via the Email field. network wheatblog | 4.3 |
| 2006-10-10 | CVE-2006-5195 | HTML Injection vulnerability in Wheatblog 1.0/1.1 Multiple cross-site scripting (XSS) vulnerabilities in Wheatblog 1.0 and 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. network wheatblog | 6.8 |