@christianhugo/mobile-builder (=0.7.3-beta.3), @saltcorn/mobile-builder (>=0.7.2 <=0.7.3-beta.3) potentially affected by unknown CVE via @saltcorn/cli (>=0.7.2-beta.10 <=0.7.3-beta.3)

@saltcorn/cli NPM version =0.7.2-beta.10, =0.7.2, =0.7.3-beta.3 Source cves: unknown CVE Source advisory: OSV:GHSA-WXF3-4FVJ-VQQX...

CVE-2007-5818

Cross-site request forgery CSRF vulnerability in blockseditdo.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in blockseditdo.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators...

Sql injection

SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter...

CVE-2007-4102

Cross-site scripting XSS vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/ sequence in the search string...

Cross site scripting

Cross-site scripting XSS vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/ sequence in the search string...

CVE-2007-4102

The CVE-2007-4102 entry describes a Cross-site Scripting (XSS) flaw in sBlog 0.7.3 Beta, specifically in search.php. The vulnerability allows remote attackers to inject arbitrary HTML and script via a leading '"/&gt; sequence in the search string. Impact is stated as HTML/script injection without...

sblog073-xss.txt

sBlog 0.7.3 Beta XSS Vulnerabilitie Found by 0x90 www.0x90.com.ar msn & mail: [email protected] in blog http://host/blog/search.php use '"/ Welcome to the jungle!...

Directory traversal

Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. dot dot in the conflangdefault parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by...

CVE-2007-1801

Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. dot dot in the conflangdefault parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by...

sBLOG 0.7.3 Beta - inclang.php Local File Inclusion

sBLOG 0.7.3 Beta - inclang.php Local File Inclusion !/usr/bin/perl sBLOG 0.7.3 Betainc/lang.phpLocal File Inclusion Exploit D.Script: http://sourceforge.net/projects/sblog/ V.Code: ifisset$conflangdefault && fileexists'lang/' . $conflangdefault . '.php' require'lang/' . $conflangdefault . '.php';...

sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit

Exploit for unknown platform in category web applications ===================================== sBLOG 0.7.3 Beta inc/lang.php Local File Inclusion Exploit ============================================================ !/usr/bin/perl sBLOG 0.7.3 Betainc/lang.phpLocal File Inclusion Exploit D.Script:...