VYPR

Bblog

by Bblog

CVEs (6)

  • CVE-2004-1865MedMar 26, 2004
    risk 0.31cvss 4.8epss 0.01

    Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allowed to add HTML by other…

  • CVE-2008-4436Oct 3, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter.

  • CVE-2015-0905Apr 8, 2015
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in bBlog allows remote attackers to hijack the authentication of arbitrary users.

  • CVE-2005-1309May 2, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text.

  • CVE-2005-1310Apr 23, 2005
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter.

  • CVE-2004-1570Dec 31, 2004
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter.

VYPR — Vulnerability Intelligence