Blog System
by Netartmedia
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-0458 | 0.03 | — | 0.01 | Jan 28, 2010 | Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php. | |||
| CVE-2008-5311 | 0.03 | — | 0.01 | Dec 2, 2008 | SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2007-3979 | 0.03 | — | 0.01 | Jul 25, 2007 | SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||
| CVE-2005-4049 | 0.03 | — | 0.02 | Dec 7, 2005 | Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php. | |||
| CVE-2024-13199 | 0.00 | — | 0.00 | Jan 9, 2025 | A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can… | |||
| CVE-2024-13198 | 0.00 | — | 0.01 | Jan 9, 2025 | A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack… | |||
| CVE-2024-28713 | 0.00 | — | 0.02 | Mar 28, 2024 | An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature. |
- CVE-2010-0458Jan 28, 2010risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php.
- CVE-2008-5311Dec 2, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2007-3979Jul 25, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
- CVE-2005-4049Dec 7, 2005risk 0.03cvss —epss 0.02
Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.
- CVE-2024-13199Jan 9, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can…
- CVE-2024-13198Jan 9, 2025risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack…
- CVE-2024-28713Mar 28, 2024risk 0.00cvss —epss 0.02
An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature.