bBlog <= 0.7.4 Multiple Vulnerabilities (SQLi, XSS)

The remote host is running bBlog, an open source blog software application. According to its banner, the remote version of this software suffers from several vulnerabilities: - A SQL Injection Vulnerability It is reportedly possible to inject SQL statements through the 'postid' parameter of the...

CVE-2005-1309

Cross-site scripting XSS vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the 1 entry title field or 2 comment body text...

CVE-2005-1309

Cross-site scripting XSS vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the 1 entry title field or 2 comment body text...

CVE-2005-1309

CVE-2005-1309 is an XSS vulnerability in bBlog 0.7.4 that allows remote attackers to inject arbitrary script or HTML via the entry title field or the comment body text. The weakness is confirmed in multiple sources (NVD entry with CVSSv2 base score 4.3, MEDIUM) and is echoed across related adviso...