Lucene search

Blog System Security Vulnerabilities

cve

CVE-2005-4049

Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.

8.9AI Score

0.023EPSS

2005-12-07 11:03 AM

cve

CVE-2007-3979

SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter.

8.4AI Score

0.01EPSS

2007-07-25 05:30 PM

cve

CVE-2008-5311

SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

8.4AI Score

0.001EPSS

2008-12-02 12:00 PM

cve

CVE-2009-3594

Cross-site scripting (XSS) vulnerability in bpost.php in BLOB Blog System before 1.2 allows remote attackers to inject arbitrary web script or HTML via the postid parameter.

5.7AI Score

0.002EPSS

2009-10-08 05:30 PM

cve

CVE-2010-0458

Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php.

8.8AI Score

0.001EPSS

2010-01-28 08:30 PM