RSS   Vulnerabilities for 'Mafia moblog'   RSS

2006-06-12
 
CVE-2006-2978

CWE-Other
 

 
Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to (1) big.php and (2) upgrade.php.

 
 
CVE-2006-2977

CWE-89
 

 
SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earlier allows remote attackers to execute arbitrary SQL commands via the img parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top