3 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Blogn BURO GUN 1.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2006-6176...
CVE-2008-3884
Blogn (BURO GUN) has multiple XSS-related CVEs described across sources. CVE-2006-6176 targets admin.php in Blogn before 1.9.4, allowing remote injection of arbitrary script/HTML via unspecified parameters. CVE-2008-3884 affects Blogn v1.9.7 and earlier, with XSS via unspecified vectors and notes...
CVE-2008-2819
BlognPlus (BURO GUN +) has an SQL injection vulnerability affecting v2.5.4 and earlier for MySQL and PostgreSQL. The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors, potentially enabling administrative access to blogs. Related connected sources (JVN DB and ...