VYPR

IDoBlog

by Joomla

CVEs (2)

  • CVE-2009-3417Sep 25, 2009
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 build 30 for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action to index.php, a different vector than CVE-2008-2627.

  • CVE-2008-2627Jun 10, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php.