Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Minibloggie Security Vulnerabilities - January

cve
cve

CVE-2006-0417

SQL injection vulnerability in login.php in miniBloggie 1.0 and earlier, when gpc_magic_quotes is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters.

8.8AI Score

0.007EPSS

2006-01-25 11:03 AM
26
cve
cve

CVE-2006-4163

PHP remote file inclusion vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fname parameter. NOTE: another researcher was unable to find a way to execute code after including it via a URL. CVE analy...

8AI Score

0.046EPSS

2006-08-16 10:04 PM
29
cve
cve

CVE-2008-4628

SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter.

8.3AI Score

0.001EPSS

2008-10-21 01:18 AM
28
cve
cve

CVE-2008-6650

del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.

6.9AI Score

0.036EPSS

2009-04-07 02:17 PM
35