CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

==================================================================================================================================== | Title : Blogator script v 0.93 Reinstall default Password Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Blogator-script 0.95 - 'bs_auth.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28810/info Blogator-script is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...

7.1AI score

Exploits0

NVD•added 2009/03/16 4:30 p.m.•9 views

CVE-2008-6473

blogadata/include/initpass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter...

6.4CVSS6.9AI score0.04404EPSS

Exploits0References3

Prion•added 2009/03/16 4:30 p.m.•12 views

Default credentials

6.4CVSS7.5AI score0.04404EPSS

Exploits0References3Affected Software1

CVE•added 2009/03/16 4:0 p.m.•53 views

CVE-2008-6473

CVE-2008-6473 affects Blogator-script 0.95. The vulnerability arises in blogadata/include/init_pass2.php where a crafted value for the a parameter with a trailing percent wildcard in b allows remote attackers to change the password for arbitrary users. Reported impact: partial integrity and parti...

6.4CVSS7.2AI score0.04404EPSS

Exploits0References3Affected Software1

Cvelist•added 2008/04/18 10:0 p.m.•12 views

CVE-2008-1892

Cross-site scripting XSS vulnerability in bsauth.php in Blogator-script 0.95 and 1.01 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.6AI score0.00324EPSS

Exploits1References3

CVE•added 2008/04/18 10:0 p.m.•37 views

CVE-2008-1892

Blogator-script 0.95 and 1.01 are affected by a Cross-Site Scripting (XSS) vulnerability in bs_auth.php where the msg parameter is not properly sanitized. This allows remote attackers to inject arbitrary web script or HTML, potentially compromising users’ browsers (e.g., stealing cookies) when in...

4.3CVSS5.6AI score0.00324EPSS

Exploits1References3Affected Software1

Exploit DB•added 2008/04/16 12:0 a.m.•30 views

Blogator-script 0.95 - 'bs_auth.php' Cross-Site Scripting Vulnerability

Blogator-script 0.95 'bsauth.php' Cross Site Scripting Vulnerability. CVE-2008-1892. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28810/info Blogator-script is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. A...

4.3CVSS6.5AI score0.00324EPSS

Exploits1

Prion•added 2008/04/12 8:5 p.m.•11 views

Sql injection

SQL injection vulnerability in blogadata/include/sondresult.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the idart parameter...

7.5CVSS9.1AI score0.01EPSS

Exploits0References6Affected Software1

Prion•added 2008/04/12 8:5 p.m.•12 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the inclpage parameter in 1 structadmin.php, 2 structadminblog.php, and 3 structmain.php in blogadata/include...

6.8CVSS8.2AI score0.05766EPSS

Exploits1References5Affected Software1

NVD•added 2008/04/12 8:5 p.m.•10 views

CVE-2008-1760

6.8CVSS7.7AI score0.05766EPSS

Exploits1References5

NVD•added 2008/04/12 8:5 p.m.•6 views

CVE-2008-1763

SQL injection vulnerability in blogadata/include/sondresult.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the idart parameter...

7.5CVSS8.4AI score0.01EPSS

Exploits0References6

CVE•added 2008/04/12 8:0 p.m.•39 views

CVE-2008-1763

Blogator-script 0.95 contains a SQL injection in _blogadata/include/sond_result.php (often shown as sond_result.php) that allows remote attackers to execute arbitrary SQL commands by supplying the id_art parameter. This vulnerability is classified as high severity (CVSS v2 base score 7.5) with ne...

7.5CVSS8.4AI score0.01EPSS

Exploits0References6Affected Software1

Cvelist•added 2008/04/12 8:0 p.m.•11 views

CVE-2008-1763

SQL injection vulnerability in blogadata/include/sondresult.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the idart parameter...

8.4AI score0.01EPSS

Exploits0References6

Cvelist•added 2008/04/12 8:0 p.m.•12 views

CVE-2008-1760

7.7AI score0.05766EPSS

Exploits1References5

CVE•added 2008/04/12 8:0 p.m.•34 views

CVE-2008-1760

CVE-2008-1760 affects Blogator-script prior to 1.01, where multiple PHP remote file inclusion vulnerabilities allow an attacker to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php inside _blogadata/include....

6.8CVSS7.7AI score0.05766EPSS

Exploits1References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by