VYPR

Blogger Script

by Chipmunk Scripts

CVEs (2)

  • CVE-2009-0403Feb 3, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

  • CVE-2009-0399Feb 3, 2009
    risk 0.03cvss epss 0.02

    Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php. NOTE: this is only a vulnerability when the administrator does not properly follow installation directions.