Medium severity5.3NVD Advisory· Published Jul 9, 2008· Updated Apr 23, 2026

CVE-2007-3650

Description

myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (3) a mode array parameter in the query string to login.php, which reveal the installation path in various error messages.

Affected products

Mywebland/Mybloggie
cpe:2.3:a:mywebland:mybloggie:2.1.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.netvigilance.com/advisory0039nvdExploit
descriptions.securescout.com/tc/17970nvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000