VYPR
Vendor

Bblog

Products
2
CVEs
7
Across products
8
Status
Private

Products

2

Recent CVEs

7
  • CVE-2004-1865MedMar 26, 2004
    risk 0.31cvss 4.8epss 0.01

    Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allowed to add HTML by other…

  • CVE-2008-4436Oct 3, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter.

  • CVE-2007-1481Mar 16, 2007
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the e_id parameter in a viewentry cmd.

  • CVE-2015-0905Apr 8, 2015
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in bBlog allows remote attackers to hijack the authentication of arbitrary users.

  • CVE-2005-1309May 2, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text.

  • CVE-2005-1310Apr 23, 2005
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter.

  • CVE-2004-1570Dec 31, 2004
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter.