Lucene search
+L

4 matches found

CVE
CVE
added 2007/04/26 7:0 p.m.54 views

CVE-2007-2290

CVE-2007-2290 affects B2 Weblog and News Publishing Tool 0.6.1. It describes multiple PHP remote file inclusion vulnerabilities that allow remote attackers to execute arbitrary PHP code by supplying a URL in the b2inc parameter to one of three scripts: b2archives.php, b2categories.php, or b2mail....

7.5CVSS7.6AI score0.03384EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.51 views

CVE-2002-1466

The CVE-2002-1466 entry affects CafeLog b2 Weblog Tool 2.06pre4 when allow_fopen_url is enabled. The vulnerability allows remote attackers to execute arbitrary PHP code via the b2inc variable, enabling full compromise of affected installations. The root cause is the ability to reference or includ...

10CVSS7.7AI score0.02673EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.46 views

CVE-2002-1465

The CVE-2002-1465 entry describes an SQL injection in CafeLog b2 Weblog Tool, exploitable remotely through the tablehosts parameter. The affected component is a web-based weblog tool; the underlying issue is improper input handling that allows arbitrary SQL execution. Impact is partial confidenti...

7.5CVSS8.7AI score0.0138EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.43 views

CVE-2002-1464

CVE-2002-1464 describes a cross-site scripting (XSS) vulnerability in the CafeLog b2 Weblog Tool. The affected component is the CafeLog b2 Weblog Tool, and the root cause is improper handling of user-supplied data in the GPC variable, enabling remote attackers to inject arbitrary HTML or script. ...

6.8CVSS6.1AI score0.01507EPSS