Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TuxplanetBilboblog

2 matches found

CVE
CVEadded 2008/07/25 1:41 p.m.31 views

CVE-2008-3303

admin/login.php in BilboBlog 0.2.1, when register_globals is enabled, allows remote attackers to bypass authentication and obtain administrative access via a direct request that sets the login, admin_login, password, and admin_passwd parameters.

6.8CVSS6.9AI score0.01947EPSS
Web
CVE
CVEadded 2008/07/25 1:41 p.m.30 views

CVE-2008-3302

SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magic_quotes_gpc is disabled, allows remote authenticated administrators to execute arbitrary SQL commands via the num parameter.

6CVSS8AI score0.00559EPSS
Web