RSS   Vulnerabilities for 'Quickblogger'   RSS

2006-09-28
 
CVE-2006-5081

CWE-Other
 

 
PHP remote file inclusion vulnerability in acc.php in QuickBlogger (QB) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

 
2006-04-14
 
CVE-2006-1791

CWE-Other
 

 
Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter. NOTE: this issue can also produce resultant XSS when the associated include statement fails.

 
2005-12-31
 
CVE-2005-4785

 

 
Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author ("your name") and (2) "comment" section.

 


Copyright 2024, cxsecurity.com

 

Back to Top