Simple Blog@2.1 Security Vulnerabilities and Issues — Simple Blog@2.1 CVE List

Lucene search

8pixel.netSimple Blog2.1

4 matches found

CVE•added 2006/09/06 10:4 p.m.•49 views

CVE-2006-4592

Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple Blog 2.3 and earlier allows remote attackers to conduct SQL injection attacks via ">" characters in the id parameter, which are not filtered by the protection mechanism.

7.5CVSS8AI score0.01016EPSS

CVE•added 2006/12/01 12:28 a.m.•44 views

CVE-2006-6191

SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5CVSS8.8AI score0.00541EPSS

CVE•added 2006/01/18 1:7 a.m.•40 views

CVE-2006-0239

Multiple cross-site scripting (XSS) vulnerabilities in Simple Blog 2.1 allow remote attackers to inject arbitrary web script or HTML via (1) a comment to comments.asp and (2) possibly certain other fields in unspecified scripts.

5.8CVSS6AI score0.00674EPSS

CVE•added 2006/12/01 12:28 a.m.•36 views

CVE-2006-6192

Unspecified scripts in the admin directory in 8pixel.net SimpleBlog 3.0 and earlier do not properly perform authentication, which allows remote attackers to add users and perform certain other unauthorized privileged actions. NOTE: The provenance of this information is unknown; the details are obta...

7.5CVSS6.7AI score0.00915EPSS