RSS   Vulnerabilities for 'Weblog'   RSS

2008-07-25
 
CVE-2008-3318

CWE-287
 

 
admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.

 
2007-04-17
 
CVE-2007-2078

CWE-Other
 

 
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, since the path_to_folder variable is initialized before use.

 

 >>> Vendor: Maian 7 Products
Support
Gallery
Search
Weblog
Links
Guestbook
Recipe


Copyright 2024, cxsecurity.com

 

Back to Top