VYPR

Macguru Blog Engine

by WordPress

CVEs (2)

  • CVE-2008-6438Mar 6, 2009
    risk 0.03cvss epss 0.03

    SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also…

  • CVE-2008-2455May 27, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter.