Chipmunk Blogger Security Vulnerabilities and Issues — Chipmunk Blogger CVE List

Lucene search

Chipmunk ScriptsChipmunk Blogger

4 matches found

CVE•added 2008/07/15 10:41 p.m.•37 views

CVE-2008-3186

Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comments.php, (3) photos.php, (4) archive.php, or (5) cat.php. NOTE: the provenance of this information i...

4.3CVSS5.7AI score0.00217EPSS

CVE•added 2007/02/24 12:28 a.m.•33 views

CVE-2006-7043

Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blogger allow remote authenticated users to inject arbitrary web script or HTML via script tags in (1) posts and (2) profile names; and (3) a javascript URI in a URL argument in the photo gallery.

3.5CVSS5.7AI score0.00201EPSS

CVE•added 2009/02/03 7:30 p.m.•31 views

CVE-2009-0399

Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php. NOTE: this is only a vulnerability when the administrator does not properly follow installation directions.

7.5CVSS7.1AI score0.02744EPSS

CVE•added 2009/02/03 7:30 p.m.•28 views

CVE-2009-0403

SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

7.5CVSS8.8AI score0.00351EPSS