CVE-2006-6466

Multiple cross-site scripting XSS vulnerabilities in WBmap.php in WikyBlog 1.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 key, 2 d, 3 l, or 4 v parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...

CVE-2006-6466

Multiple cross-site scripting XSS vulnerabilities in WBmap.php in WikyBlog 1.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 key, 2 d, 3 l, or 4 v parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...

CVE-2006-6465

WikyBlog v1.3.2 and earlier exposes a directory traversal risk in WBmap.php via the l parameter. The vulnerability is described as allowing remote inclusion/execution of local files, with the note that the l parameter is validated by ctype_alpha before use, which CVE disputes. Affected software i...

CVE-2006-6466

CVE-2006-6466 affects WikyBlog 1.3.2 and earlier, due to cross-site scripting in WBmap.php allowing remote injection of arbitrary script/HTML via the (1) key, (2) d, (3) l, or (4) v parameters. The l vector is disputed since it is validated by ctype_alpha before use. This entry’s exploitation sta...

PT-2006-7074 · Wikyblog · Wikyblog

Name of the Vulnerable Software and Affected Versions: WikyBlog versions 1.3.2 and earlier Description: A directory traversal issue in WBmap.php allows remote attackers to include and execute arbitrary local files. This is achieved by using directory traversal sequences in the l parameter. Howeve...

WikyBlog 1.3.2 (include/WBmap.php) Local File Inclusion Exploit

No description provided by source. r0ut3r Presents... Another r0ut3r discovery! writ3r at gmail.com WikyBlog Local File Inclusion Exploit Software: WikyBlog 1.3 Vendor: http://www.wikyblog.com/ Released: 2006/12/01 Discovered & Exploit By:...