RSS   Vulnerabilities for 'Comdev web blogger'   RSS

2009-02-23
 
CVE-2008-6250

CWE-89
 

 
SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page.

 
2007-06-06
 
CVE-2007-3084

CWE-Other
 

 
PHP remote file inclusion vulnerability in sampleblogger.php in Comdev Web Blogger 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter, a different vector than CVE-2006-5441.

 
2006-10-20
 
CVE-2006-5441

 

 
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web Blogger 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

 

 >>> Vendor: Comdev 11 Products
Comdev ecommerce
Comdev vote caster
Comdev csv importer
Comdev forum
Comdev misc tools
Comdev form designer
Comdev web blogger
Comdev one admin pro
Modules builder
Comdev news publisher
Jomestate pro


Copyright 2024, cxsecurity.com

 

Back to Top