Blogit! Security Vulnerabilities and Issues — Blogit! CVE List

Lucene search

KatywhittonBlogit!

4 matches found

CVE•added 2009/01/29 6:30 p.m.•35 views

CVE-2009-0334

SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action.

7.5CVSS8.7AI score0.00169EPSS

CVE•added 2009/01/29 6:30 p.m.•34 views

CVE-2009-0337

SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

7.5CVSS8.4AI score0.0013EPSS

CVE•added 2009/01/29 6:30 p.m.•31 views

CVE-2009-0335

Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter.

4.3CVSS5.8AI score0.01346EPSS

CVE•added 2009/01/29 6:30 p.m.•28 views

CVE-2009-0336

Katy Whitton BlogIt! stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for database/Blog.mdb. NOTE: some of these details are obtained from third party inform...

5CVSS6.6AI score0.01744EPSS