CVE-2006-1779

Cross-site scripting XSS vulnerability in login.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the btag parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in login.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the btag parameter...

CVE-2006-1778

Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 blogid parameter in a index.php and b archive.php, the 2 m and 3 y parameters in archive.php, and the 4 sql parameter in c server.php...

CVE-2006-1776

PHP remote file inclusion vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the s parameter...

CVE-2006-1776

Summary: CVE-2006-1776 affects Simplog

simplog_092_incl_xpl

!/usr/bin/php -q -d shortopentag=on \r\n"; die; / software site: http://www.simplog.org/ description: "Simplog provides an easy way for users to add blogging capabilities to their existing websites. Simplog is...