Ar-blog Security Vulnerabilities and Issues — Ar-blog CVE List

Lucene search

Ar-blogAr-blog

5 matches found

cve•added 2006/06/05 5:2 p.m.•36 views

CVE-2006-2809

Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors are already covered by CVE...

6.8CVSS5.8AI score0.00977EPSS

cve•added 2005/11/04 12:2 a.m.•35 views

CVE-2005-3494

Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog comment.

4.3CVSS5.9AI score0.00444EPSS

cve•added 2005/11/04 12:2 a.m.•34 views

CVE-2005-3495

Ar-blog 5.2 and earlier allows remote attackers to bypass authentication by modifying cookies.

7.5CVSS7.4AI score0.00644EPSS

cve•added 2006/01/21 12:3 a.m.•32 views

CVE-2006-0333

Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php.

4.3CVSS5.6AI score0.00335EPSS

cve•added 2006/04/20 10:2 a.m.•29 views

CVE-2006-1893

Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

6.8CVSS5.7AI score0.00416EPSS