Simple Php Blog Security Vulnerabilities and Issues — Simple Php Blog CVE List

Lucene search

Alexander PalmoSimple Php Blog

3 matches found

CVE•added 2005/08/30 11:45 a.m.•51 views

CVE-2005-2733

upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.

7.5CVSS7.4AI score0.80569EPSS

Web

CVE•added 2006/03/15 5:6 p.m.•38 views

CVE-2006-1243

Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demonstrated by injecting PHP sequences...

7.5CVSS7.3AI score0.16306EPSS

CVE•added 2007/09/24 11:17 p.m.•35 views

CVE-2007-5071

Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733. NOTE: the vulnerability wa...

7.5CVSS7.4AI score0.80569EPSS