2 matches found
CVE-2004-1865
CVE-2004-1865 describes a cross-site scripting vulnerability in the administration panel of bBlog 0.7.2 . The issue allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via the blog name parameter ($blogname). The provided sources indicate the vulnera...
CVE-2004-1865
Cross-site scripting XSS vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name $blogname. NOTE: if administrators are normally allowed to add HTML by other means, e.g. through...