VYPR

Blogger

by Chipmunk

CVEs (2)

  • CVE-2008-0559Feb 4, 2008
    Nilsons Blogger
    Nilsons Blogger
    risk 0.03cvss epss 0.02

    Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php.

  • CVE-2006-7043Feb 24, 2007
    Chipmunk Scripts
    Chipmunk Blogger
    risk 0.00cvss epss 0.00

    Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blogger allow remote authenticated users to inject arbitrary web script or HTML via script tags in (1) posts and (2) profile names; and (3) a javascript URI in a URL argument in the photo gallery.