4 matches found
Design/Logic Flaw
Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request...
CVE-2019-7719
Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request...
CVE-2018-6470
Nibbleblog 4.0.5 on macOS defaults to having .DSStore in each directory, causing DSStore information to leak...
CVE-2018-6470
Nibbleblog 4.0.5 on macOS defaults to having .DSStore in each directory, causing DSStore information to leak...