VYPR

Light Blog

by Public Warehouse

CVEs (2)

  • CVE-2008-0840Feb 20, 2008
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the username parameter.

  • CVE-2007-3131Jun 8, 2007
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in add_comment.php in Light Blog 4.1 before 20070606 allows remote attackers to inject arbitrary web script or HTML via the id parameter.