2 matches found
CVE-2007-0799
CVE-2007-0799 involves a SQL injection in badword.asp of Ublog Reload 1.0.5. The vulnerability arises from improper handling of user-supplied input, enabling remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected product/version: Ublog Reload 1.0.5; vulnerable compon...
CVE-2006-2246
The CVE-2006-2246 entry documents a cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition. The flaw allows remote attackers to inject arbitrary web script or HTML via text fields when adding a blog entry. Affected product: UBlog 1.6 Access Edition. Root cause: unsanitized input in ...