CVE-2005-2721

Foojan PHP Weblog is affected by multiple XSS vulnerabilities in index.php and admin.php, exploitable via the Referer header in HTTP requests. The issue enables remote attackers to inject arbitrary script/HTML and has a CVSSv2 base score of 4.3 (Medium) with network attack vector, medium complexi...

CVE-2008-0447

CVE-2008-0447 describes an SQL injection in Foojan WMS PHP Weblog 1.0, caused by unsanitized input in the story parameter of index.php. This enables remote attackers to potentially modify or read database data; CVSS v2 base score 7.5 (HIGH) with network access, low attack complexity, and no authe...

CVE-2005-2722

The CVE-2005-2722 entry concerns Foojan PHP Weblog, which exposes information leakage via two pathways: (1) a direct request to /daylinks/index.php and (2) a negative value in the daylinkspage parameter to index.php. The underlying issue is that error messages reveal the internal path, enabling a...