EUVD-2006-1077

Malware in sbrugna...

EUVD-2006-1076

Malware in sbrugna...

Cross site scripting

Cross-site scripting XSS vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog post...

CVE-2006-1073

Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote attackers to include or read arbitrary .txt files via the 1 act and 2 blogid parameters...

CVE-2006-1072

Cross-site scripting XSS vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog post...

CVE-2006-1072

Affects Daverave Simplog, versions up to 1.0.2. The issue is a Cross-site scripting (XSS) vulnerability that allows injecting arbitrary web script or HTML via a blog post. The core detail provided is the vulnerability description; explicit root cause beyond generic XSS is not stated. Remediation ...

CVE-2006-1073

Summary: CVE-2006-1073 affects Simplog (Daverave Simplog) up to version 1.0.2. Affected component: index.php; vulnerable function is directory traversal via the act and blogid parameters, allowing remote attackers to include or read arbitrary .txt files. The core root cause is insufficient input ...

PT-2006-2100 · Daverave · Daverave Simplog

Name of the Vulnerable Software and Affected Versions: Daverave Simplog versions 1.0.2 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via a blog post. This could potentially lead to unauthorized actions on the affected...

CVE-2006-1072

Cross-site scripting XSS vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog post...

CVE-2006-1073

Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote attackers to include or read arbitrary .txt files via the 1 act and 2 blogid parameters...