Loudblog Security Vulnerabilities

CVE-2008-6077

SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread...

CVE-2008-0139

Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog 0.8.0 and earlier allows remote attackers to execute arbitrary PHP code via the template...