2 matches found
CVE-2006-0249
CVE-2006-0249 is a concrete SQL injection vulnerability in BitDamaged geoBlog MOD_1.0, specifically affecting viewcat.php via the cat parameter ($tmpCategory). The connected sources confirm that remote attackers can trigger arbitrary SQL commands, with the described impact of credential theft and...
CVE-2006-2177
CVE-2006-2177 describes a Cross-site Scripting (XSS) vulnerability in geoBlog 1.0’s viewcat.php, exploitable by passing a crafted value in the cat parameter to inject arbitrary script/HTML. The vulnerability is confirmed in multiple sources (NVD entry; related CVE records) and affects geoBlog 1.0...