Mybloggie@2.1.1 Security Vulnerabilities and Issues — Mybloggie@2.1.1 CVE List

Lucene search

MyweblandMybloggie2.1.1

6 matches found

CVE•added 2005/05/11 4:0 a.m.•41 views

CVE-2005-1497

index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message.

5CVSS6.6AI score0.00391EPSS

CVE•added 2005/09/07 8:3 p.m.•37 views

CVE-2005-2838

SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.

7.5CVSS8.8AI score0.00816EPSS

CVE•added 2005/05/11 4:0 a.m.•35 views

CVE-2005-1500

Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the keyword parameter in search.php; or (2) the date_no parameter in viewdate mode, (3) the cat_id parameter in viewcat mode, the (4) month_no or (5) year parameter in viewmont...

7.5CVSS8.6AI score0.01151EPSS

CVE•added 2005/05/11 4:0 a.m.•32 views

CVE-2005-1499

delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying the comment_id parameter.

7.5CVSS6.8AI score0.01708EPSS

CVE•added 2005/04/16 4:0 a.m.•31 views

CVE-2005-1140

Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the comments.

4.3CVSS5.7AI score0.00331EPSS

CVE•added 2005/05/11 4:0 a.m.•31 views

CVE-2005-1498

Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) year parameter in viewmode.php, or the (2) cat_id, (3) month_no, or (4) post_id parameter in index.php, which are not properly sanitized before they are d...

4.3CVSS5.8AI score0.03175EPSS