Vendor
Webspot
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-2860 | 0.04 | — | 0.08 | Jun 6, 2006 | PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE: some of these vectors were also reported for 3.0 in a separate disclosure. | ||
| CVE-2006-0324 | 0.03 | — | 0.02 | Jan 19, 2006 | SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php. |
- CVE-2006-2860Jun 6, 2006risk 0.04cvss —epss 0.08
PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE: some of these vectors were also reported for 3.0 in a separate disclosure.
- CVE-2006-0324Jan 19, 2006risk 0.03cvss —epss 0.02
SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php.