Lucene search

Sblog

5 matches found

CVE
added 2007/04/02 11:19 p.m., 46 views

CVE-2007-1801

Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by...

CVSS 7.5, AI score 7.2, EPSS 0.03255
Web
CVE
added 2007/07/31 10:17 a.m., 43 views

CVE-2007-4102

Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/> sequence in the search string.

CVSS 4.3, AI score 5.8, EPSS 0.00285
CVE
added 2006/01/06 11:3 a.m., 30 views

CVE-2006-0101

Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Beta 20051202 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p and (2) keyword parameters in (a) index.php and (b) search.php.

CVSS 4.3, AI score 5.8, EPSS 0.00427
CVE
added 2006/03/10 2:2 a.m., 29 views

CVE-2006-1135

Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to search.php or (2) username parameter to comments_do.php.

CVSS 4.3, AI score 5.7, EPSS 0.00814
CVE
added 2007/11/05 6:46 p.m., 27 views

CVE-2007-5818

Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators.

CVSS 7.6, AI score 7, EPSS 0.00391